3d-tiles-tools (>=0.1.0 <=0.1.3), 7ghost (>=4.11.0 <=4.11.46) +535 more potentially affected by CVE-2025-61140 via jsonpath (>=0.1.3 <=1.1.1)

jsonpath NPM version =0.1.3, =0.1.0, =4.11.0, =0.0.11, =0.6.0, =0.82.10-20200221024018, =0.1.27, =1.0.0, =2.0.15, =1.0.2, =1.0.0, =1.1.0, =3.0.6371, =4.0.2, =2.0.4, =2.1.27 and more Source cves: CVE-2025-61140 Source advisory: OSV:GHSA-6C59-MWGH-R2X6...

WordPress plugin Banner Garden Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-5256 · Unknown · Ppo Call To Actions

Name of the Vulnerable Software and Affected Versions: PPO Call To Actions versions 0.1.3 and earlier Description: A Cross-Site Request Forgery CSRF issue affects PPO Call To Actions, allowing unauthorized requests. The estimated number of potentially affected devices worldwide is not specified...

WordPress PPO Call To Actions plugin <= 0.1.3 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin PPO Call To Actions versions = 0.1.3...

PT-2024-35306 · Unknown · Explara Events

Name of the Vulnerable Software and Affected Versions: Explara Events versions 0.1.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious scripts in...

PT-2024-34717 · Unknown · Simple Goods

Name of the Vulnerable Software and Affected Versions: Simple Goods versions 0.1.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in Simple Goods. Recommendations: For...

PT-2024-33606 · Elementor · Extra Privacy For Elementor

Name of the Vulnerable Software and Affected Versions: Extra Privacy for Elementor versions 0.1.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS attacks...

PT-2024-22316

Name of the Vulnerable Software and Affected Versions turbo boost-commands versions prior to 0.1.3 turbo boost-commands versions prior to 0.2.2 Description TurboBoost Commands has existing protections in place to guarantee that only public methods on Command classes can be invoked; however, the...

Hacker Hotel Badge Security Breach

Hacker Hotel Badge is a chip badge of the Hacker Hotel organization. A security vulnerability exists in Hacker Hotel Badge 2024 versions 0.1.0 through 0.1.3, which stems from an unrestricted resource allocation and can lead to a denial of service attack...

PT-2024-14997 · WordPress · Tj Shortcodes

Name of the Vulnerable Software and Affected Versions: TJ Shortcodes WordPress plugin versions 0.1.3 and earlier Description: The issue concerns the lack of validation and escaping of certain shortcode attributes in the TJ Shortcodes WordPress plugin, which can lead to Stored Cross-Site Scripting...

hina (>=0.0.1 <=0.1.3) potentially affected by CVE-2020-36511 via bite (=0.0.5)

bite CARGO version =0.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on bite and may be impacted: - hina =0.0.1, =0.1.3 Source cves: CVE-2020-36511 Source advisory: OSV:GHSA-72R2-RG28-47V9...

@addo/common-api (>=1.0.0 <=1.0.9), @ahbbvc/invoice-generator (>=1.0.0 <=1.0.9) +262 more potentially affected by CVE-2019-15138 via html-pdf (>=0.1.3 <=2.2.0)

html-pdf NPM version =0.1.3, =1.0.0, =1.0.0, =1.1.1, =2.0.14, =0.0.1, =2.0.1, =1.0.0, =3.5.2, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2 and more Source cves: CVE-2019-15138 Source advisory: OSV:GHSA-X4W5-R546-X9QH...