EUVD-2023-57577

Malicious code in bioql PyPI...

CVE-2025-54008

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows Retrieve Embedded Sensitive Data.This issue affects JetSmartFilters: from n/a through = 3.6.7...

CVE-2025-54008 WordPress JetSmartFilters <= 3.6.7 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetSmartFilters jet-smart-filters allows Retrieve Embedded Sensitive Data.This issue affects JetSmartFilters: from n/a through = 3.6.7...

CVE-2025-54008

CVE-2025-54008 is a vulnerability in Crocoblock JetSmartFilters (JetSmartFilters) versions up to and including 3.6.7, identified as a Sensitive Information Exposure issue. The description notes an insertion of sensitive information into sent data, enabling retrieval of embedded sensitive data. Th...

CVE-2024-10675

The affiliate-toolkit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via a URL in all versions up to, and including, 3.6.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...

CVE-2022-40469

iKuai OS v3.6.7 was discovered to contain an authenticated remote code execution RCE vulnerability...

CVE-2025-1572

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the ‘uid’ parameter in all versions up to, and including, 3.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

WordPress plugin KiviCare – Clinic & Patient Management System (EHR) SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2024-47323

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through = 3.6.7...

CVE-2024-47324

Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through = 3.6.7...

WordPress plugin affiliate-toolkit 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin WP Timeline 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

PT-2024-32535 · WordPress · Ex-Themes Wp Timeline

Name of the Vulnerable Software and Affected Versions: Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin versions through 3.6.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for...

CVE-2024-47323

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through = 3.6.7...

WordPress plugin WP Timeline 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin WP Timeline 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

PT-2024-32536 · WordPress · Wp Timeline

Name of the Vulnerable Software and Affected Versions: WP Timeline – Vertical and Horizontal timeline plugin versions n/a through 3.6.7 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This...

WordPress WP Timeline plugin <= 3.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin WP Timeline – Vertical and Horizontal timeline plugin versions = 3.6.7...

CVE-2024-37101

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in AF themes WP Post Author allows Stored XSS.This issue affects WP Post Author: from n/a through 3.6.7...

WordPress WP Post Author plugin <= 3.6.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin WP Post Author versions = 3.6.7...