Malicious code in paysafe-gbp-virtual-assistant-lib-fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 940faf3ecfa6ee3c09c995a5f124d4a3b53bf2e2e5eaccea8156ce7bd25494eb The package paysafe-gbp-virtual-assistant-lib-fe was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-4169 Malicious code in paysafe-gbp-virtual-assistant-lib-fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 940faf3ecfa6ee3c09c995a5f124d4a3b53bf2e2e5eaccea8156ce7bd25494eb The package paysafe-gbp-virtual-assistant-lib-fe was found to contain malicious code. Source: ossf-package-analysis...

Cybersecurity Risks of Hiring a Virtual Assistant and How to Protect Your Business

Virtual assistants boost productivity but add cybersecurity risks. Poor access control, weak devices, and credential sharing can expose sensitive business data...

CVE-2025-22725

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in loopus WP Virtual Assistant VirtualAssistant allows Stored XSS.This issue affects WP Virtual Assistant: from n/a through = 3.1...

CVE-2025-22725

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in loopus WP Virtual Assistant VirtualAssistant allows Stored XSS.This issue affects WP Virtual Assistant: from n/a through = 3.1...

CVE-2025-22725 WordPress WP Virtual Assistant plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in loopus WP Virtual Assistant VirtualAssistant allows Stored XSS.This issue affects WP Virtual Assistant: from n/a through = 3.1...

CVE-2025-22725

CVE-2025-22725 affects the WordPress plugin WP Virtual Assistant (VirtualAssistant) . The connected Wordfence report confirms an unauthenticated stored XSS vulnerability in the plugin’s web page generation, affecting the “Virtual Assistant” feature and versions up to 3.0/3.1 as cited. The CVE des...

CVE-2025-22725 WordPress WP Virtual Assistant plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in loopus WP Virtual Assistant VirtualAssistant allows Stored XSS.This issue affects WP Virtual Assistant: from n/a through = 3.1...

WordPress WP Virtual Assistant plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Virtual Assistant versions = 3.1...

WordPress plugin WP Virtual Assistant 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress WP Virtual Assistant Plugin <= 3.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Virtual Assistant versions = 3.0...

CVE-2025-60155

Missing Authorization vulnerability in loopus WP Virtual Assistant VirtualAssistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Virtual Assistant: from n/a through = 3.0...

CVE-2025-60155 WordPress WP Virtual Assistant Plugin <= 3.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in loopus WP Virtual Assistant VirtualAssistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Virtual Assistant: from n/a through = 3.0...

CVE-2025-60155

CVE-2025-60155 refers to a missing-authorization vulnerability in WP Virtual Assistant. Connected sources confirm affected software: WP Virtual Assistant (≤3.0). The CVE lists a CVSS v3.1 base score of 5.3 (Medium) with network attack vector, no privileges required, and potential low integrity im...

CVE-2025-60155 WordPress WP Virtual Assistant Plugin <= 3.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in loopus WP Virtual Assistant VirtualAssistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Virtual Assistant: from n/a through = 3.0...

WordPress plugin WP Virtual Assistant 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-39597

Name of the Vulnerable Software and Affected Versions WP Virtual Assistant versions through 3.0 Description An authorization issue exists in WP Virtual Assistant, allowing exploitation of incorrectly configured access control security levels. Recommendations Update WP Virtual Assistant to a versi...

Malicious code in dx-virtual-assistent-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b41db1f1208b92ea920b51ff3e83bf1718e6d1e551159eb752a0325961c9fd6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

HCL Technologies HCL DRYiCE Optibot Reset Station 安全漏洞

HCL Technologies HCL DRYiCE Lucy is an AI-powered virtual assistant from HCL Technologies, USA. A security vulnerability exists in the HCL Technologies HCL DRYiCE Optibot Reset Station that stems from being affected by insecure encryption with a one-time password OTP...

HCL Technologies HCL DRYiCE Optibot Reset Station 安全漏洞

HCL Technologies HCL DRYiCE Lucy is an AI-powered virtual assistant from HCL Technologies, USA. A security vulnerability exists in the HCL Technologies HCL DRYiCE Optibot Reset Station, which stems from being affected by insecure encryption for security issues...