armature-diesel (=0.1.0), authzen-diesel (=0.1.0-alpha.0) +13 more potentially affected by unknown CVE via diesel-async (>=0.1.1 <=0.5.2)

diesel-async CARGO version =0.1.1, =0.1.0, =0.17.0, =0.17.0, =0.17.0, =0.11.0, =0.0.1, =0.1.0, =0.2.0 Source cves: unknown CVE Source advisory: OSV:GHSA-FF9Q-RM55-Q7QR...

CuPs (>=0.0.0 <=0.0.5), Druid_task1 (=0.1.0) +94 more potentially affected by unknown CVE via unic-ucd-bidi (>=0.1.1 <=0.9.0)

unic-ucd-bidi CARGO version =0.1.1, =0.0.0, =1.11.3, =0.3.0, =0.1.0-alpha.4, =0.3.0, =0.4.0, =0.2.4-beta, =0.7.0, =0.4.0, =0.5.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0083...

unic (>=0.5.0 <=0.6.0), unic-bidi (>=0.1.0 <=0.6.0) +10 more potentially affected by unknown CVE via unic-ucd-core (>=0.1.1 <=0.6.0)

unic-ucd-core CARGO version =0.1.1, =0.5.0, =0.1.0, =0.1.1, =0.4.0, =0.1.0, =0.5.0, =0.3.0, =0.1.0, =0.5.0, =0.1.0, =0.6.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0103...

CVE-2025-49422

Incorrect Privilege Assignment vulnerability in themepassion Support Ticket support-ticket allows Privilege Escalation.This issue affects Support Ticket: from n/a through = 1.9...

WordPress plugin iframe Wrapper 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-33946 · Vikas Sharma · Iframe Block

Name of the Vulnerable Software and Affected Versions: iFrame Block versions n/a through 0.1.1 Description: This issue involves improper neutralization of input during web page generation, leading to a Stored Cross-site Scripting XSS condition in Vikas Sharma iFrame Block. Successful exploitation...

WordPress iframe Wrapper plugin <= 0.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha Patchstack Alliance in WordPress Plugin iframe Wrapper versions = 0.1.1...

PT-2025-5936 · Unknown · Sainwp Onestore Sites

Name of the Vulnerable Software and Affected Versions: sainwp OneStore Sites versions 0.1.1 and earlier Description: A Cross-Site Request Forgery CSRF issue affects sainwp OneStore Sites, allowing unauthorized actions to be performed on behalf of a user. Recommendations: For sainwp OneStore Sites...

CVE-2025-23624

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alessandro Benoit WpDevTool wpdevtool allows Reflected XSS.This issue affects WpDevTool: from n/a through = 0.1.1...

WordPress Echoza plugin <= 0.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Echoza versions = 0.1.1...

Hacker Hotel Badge Security Breach

Hacker Hotel Badge is a chip badge of the Hacker Hotel organization. A security vulnerability exists in Hacker Hotel Badge 2024 versions 0.1.0 through 0.1.3, which stems from an unrestricted resource allocation and can lead to a denial of service attack...

1.5fabao (=1.0.0), 11-3-address-ly (>=1.0.0 <=1.0.2) +2388 more potentially affected by CVE-2023-26158 via mockjs (>=0.1.1 <=1.1.0)

mockjs NPM version =0.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.0.5, =0.0.3, =1.0.0, =0.1.1, =0.2.0 and more Source cves: CVE-2023-26158 Source advisory: OSV:GHSA-MH8J-9JVH-GJF6...

03_class (>=1.0.0 <=1.0.1), 10secondsofcode-custom (=1.0.0) +4972 more potentially affected by CVE-2022-33987 via got (>=0.1.1 <=11.8.3)

got NPM version =0.1.1, =1.0.0, =1.0.0, =1.0.0, =2.4.0, =1.0.1, =1.0.0, =0.1.13, =0.1.1, =0.0.412, =0.48.0, =0.0.14, =0.0.19 and more Source cves: CVE-2022-33987 Source advisory: OSV:GHSA-PFRX-2Q88-QQ97...

proctree 操作系统命令注入漏洞

proctree is used to get or display the process tree. A security vulnerability exists in proctree 0.1.1 and earlier versions, which stems from the vulnerability of Node.js packages to a command injection attack that can be exploited by an attacker to remotely execute code on a machine running...

3m5-coco (>=0.0.2 <=0.0.981), @24hr/sentry-logger-node (>=0.4.0 <=1.2.2) +278 more potentially affected by CVE-2021-23624 +1 more via dotty (>=0.0.1 <=0.1.1)

dotty NPM version =0.0.1, =0.0.2, =0.4.0, =1.1.4, =0.0.2, =1.15.3, =0.1.0, =0.1.6, =1.0.4, =0.1.6, =0.1.0, =1.0.0, =1.0.0, =1.0.7 - @kikiemz/komzpol =1.1.2 and more Source cves: CVE-2021-23624, CVE-2021-25912 Source advisory: SNYK:JS-DOTTY-1577292...

airflow-clickhouse-plugin (>=0.5.1 <=0.5.3), baluchon (=0.0.1) +4 more potentially affected by CVE-2020-26759 via clickhouse-driver (>=0.1.1 <=0.1.4)

clickhouse-driver PYPI version =0.1.1, =0.5.1, =0.0.4, =0.0.31, =2.2.0, =2.3.2 Source cves: CVE-2020-26759 Source advisory: OSV:PYSEC-2021-61...

@colmena/api (=0.1.0), @colmena/colmena-loopback (>=0.0.4 <=0.2.1) +57 more potentially affected by CVE-2019-15597 via node-df (>=0.1.1 <=0.1.4)

node-df NPM version =0.1.1, =0.0.4, =0.0.1, =1.1.0, =3.0.0-alpha.8, =3.0.0-alpha.1, =3.0.0-alpha.0, =0.1.0, =1.0.0, =1.30.0, =0.0.1, =1.0.0, =1.0.0, =1.1.3 and more Source cves: CVE-2019-15597 Source advisory: OSV:GHSA-WP7M-MRVF-599C...