EUVD-2025-204787

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VillaTheme WPBulky allows Blind SQL Injection.This issue affects WPBulky: from n/a through 1.1.13...

CVE-2024-56364

SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in 1.0.12 and ending in 1.1.13, when calling the extended toHTMLEx method, it is possible to execute arbitrary JavaScript code. This vulnerability is fixed in 1.1.13...

WordPress Booking Ultra Pro plugin <= 1.1.13 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Updates vulnerability

Missing Authorization to Authenticated Subscriber+ Plugin Settings Updates vulnerability discovered by Lucio Sá in WordPress Plugin Booking Ultra Pro versions = 1.1.13...

WordPress Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.13 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Booking Ultra Pro versions = 1.1.13...

borgapi (>=0.1.3.dev1 <=0.6.1), borgini (=1.0.0) +2 more potentially affected by CVE-2023-36811 via borgbackup (>=1.1.13 <=1.2.4)

borgbackup PYPI version =1.1.13, =0.1.3.dev1, =0.12.0, =4.9.0, =4.10.1 Source cves: CVE-2023-36811 Source advisory: OSV:PYSEC-2023-164...