CVE-2025-14886

The Japanized for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the order REST API endpoint in all versions up to, and including, 2.7.17. This makes it possible for unauthenticated attackers to mark any WooCommerce order a...

CVE-2025-14886

The Japanized for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the order REST API endpoint in all versions up to, and including, 2.7.17. This makes it possible for unauthenticated attackers to mark any WooCommerce order a...

WordPress plugin Japanized for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

EUVD-2025-205238

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through = 2.7.17...

CVE-2025-68597

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through = 2.8.1...

CVE-2025-68597 WordPress Jobs for WordPress plugin <= 2.8.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through = 2.8.1...

CVE-2025-68597 WordPress Jobs for WordPress plugin <= 2.8.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through = 2.8.1...

EUVD-2020-12928

Malware in sbrugna...

EUVD-2024-16946

Malicious code in bioql PyPI...

CVE-2024-1178

The SportsPress – Sports Club & League Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settingssave function in all versions up to, and including, 2.7.17. This makes it possible for unauthenticated attackers to update the...

CVE-2020-20140

Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17...

CVE-2020-20139

Cross Site Scripting XSS vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...

WordPress PowerPack Addons for Elementor plugin <= 2.7.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via *_html_tag* vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via htmltag vulnerability discovered by wesley wcraft in WordPress Plugin PowerPack Addons for Elementor versions = 2.7.17...

CVE-2024-2491

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htmltag attribute of multiple widgets in all versions up to, and including, 2.7.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

WordPress Plugin PowerPack Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

PT-2024-17252 · WordPress · Sportspress

Name of the Vulnerable Software and Affected Versions: SportsPress – Sports Club & League Manager plugin for WordPress versions up to, and including, 2.7.17 Description: The issue allows unauthorized modification of data due to a missing capability check on the settings save function. This makes ...

WordPress Plugin SportsPress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

WordPress FooBox Image Lightbox plugin < 2.7.17 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress FooBox Image Lightbox plugin versions 2.7.17. Solution Update the WordPress FooBox Image Lightbox plugin to the latest available version at least 2.7.17...

Python < 2.7.17, 3.x < 3.4.10, 3.5.x < 3.5.7, 3.6.x < 3.6.9, 3.7.x < 3.7.3 Cookie domain check returns incorrect results (bpo-35121) - Linux

Python is prone to an improper input validation vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

Python < 2.7.17, 3.x < 3.5.8, 3.6.x < 3.6.10, 3.7.x < 3.7.5 XSS Vulnerability (bpo-38243) - Mac OS X

Python is prone to a reflected cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...