CVE-2025-12392 Cryptocurrency Payment Gateway for WooCommerce <= 2.0.25 - Missing Authorization to Unauthenticated Tracking Status Update

The Cryptocurrency Payment Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handleoptinoptout' function in all versions up to, and including, 2.0.25. This makes it possible for unauthenticated attackers to op...

WordPress plugin Cryptocurrency Payment Gateway for WooCommerce 安全漏洞

WordPress Cryptocurrency Payment Gateway for WooCommerce plugin is a virtual currency payment collection plugin designed for WooCommerce e-commerce platform. WordPress Cryptocurrency Payment Gateway for WooCommerce plugin suffers from an unauthorized data modification vulnerability that stems fro...

PT-2025-47279

Name of the Vulnerable Software and Affected Versions Cryptocurrency Payment Gateway for WooCommerce plugin for WordPress versions through 2.0.22 Description The Cryptocurrency Payment Gateway for WooCommerce plugin for WordPress is susceptible to unauthorized data modification. This is due to a...

EUVD-2013-4032

Malware in sbrugna...

EUVD-2013-4033

Malware in sbrugna...

EUVD-2013-4037

Malware in sbrugna...

EUVD-2006-6822

Malware in sbrugna...

EUVD-2021-11488

Malware in sbrugna...

EUVD-2013-4035

Malware in sbrugna...

EUVD-2023-2720

Malicious code in bioql PyPI...

EUVD-2023-2261

Malicious code in bioql PyPI...

EUVD-2023-27946

Malicious code in bioql PyPI...

CVE-2025-58988 WordPress My Tickets Plugin <= 2.0.22 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joe Dolson My Tickets allows Stored XSS. This issue affects My Tickets: from n/a through 2.0.22...

CVE-2025-58988

CVE-2025-58988 affects the WordPress My Tickets plugin (versions up to 2.0.22). Root cause: improper input neutralization during web page generation, enabling stored XSS. Impact: stored Cross‑Site Scripting as described in multiple sources. Remediation: upgrade to a version later than 2.0.22 (pat...

CVE-2025-58988 WordPress My Tickets Plugin <= 2.0.22 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joe Dolson My Tickets my-tickets allows Stored XSS.This issue affects My Tickets: from n/a through = 2.0.22...

WordPress plugin My Tickets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-36808

Name of the Vulnerable Software and Affected Versions: Joe Dolson My Tickets versions through 2.0.22 Description: The software contains an improper neutralization of input during web page generation, leading to a cross-site scripting XSS issue. This allows for stored XSS attacks. Recommendations:...

CVE-2025-49269

Cross-Site Request Forgery CSRF vulnerability in Anton Vanyukov Market Exporter market-exporter allows Cross Site Request Forgery.This issue affects Market Exporter: from n/a through = 2.0.22...

CVE-2025-49269

Cross-Site Request Forgery CSRF vulnerability in Anton Vanyukov Market Exporter market-exporter allows Cross Site Request Forgery.This issue affects Market Exporter: from n/a through = 2.0.22...

CVE-2025-49269 WordPress Market Exporter <= 2.0.22 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Anton Vanyukov Market Exporter allows Cross Site Request Forgery. This issue affects Market Exporter: from n/a through 2.0.22...