23 matches found
EUVD-2025-9864
Malicious code in bioql PyPI...
EUVD-2024-34197
Malicious code in bioql PyPI...
EUVD-2025-8396
Malicious code in bioql PyPI...
CVE-2024-11779
The WIP WooCarousel Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wipwoocarouselproductscarousel' shortcode in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-32153
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in vinagecko VG WooCarousel vg-woocarousel allows PHP Local File Inclusion.This issue affects VG WooCarousel: from n/a through = 1.3...
CVE-2025-32153
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in vinagecko VG WooCarousel vg-woocarousel allows PHP Local File Inclusion.This issue affects VG WooCarousel: from n/a through = 1.3...
CVE-2025-32153
CVE-2025-32153 affects VG WooCarousel (WordPress VG WooCarousel plugin) up to version 1.3. It is an authenticated Local File Inclusion via improper control of the filename used in PHP include/require, enabling access to local files. Patch status shown as Unpatched in Wordfence vulnerability data;...
CVE-2025-32153 WordPress VG WooCarousel plugin <= 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in vinagecko VG WooCarousel vg-woocarousel allows PHP Local File Inclusion.This issue affects VG WooCarousel: from n/a through = 1.3...
CVE-2025-32153 WordPress VG WooCarousel plugin <= 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in vinagecko VG WooCarousel allows PHP Local File Inclusion. This issue affects VG WooCarousel: from n/a through 1.3...
PT-2025-14939 · Vinagecko · Vg Woocarousel
Name of the Vulnerable Software and Affected Versions: vinagecko VG WooCarousel versions 1.3 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Loca...
WordPress plugin VG WooCarousel 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2025-30769
Cross-Site Request Forgery CSRF vulnerability in alexvtn WIP WooCarousel Lite wip-woocarousel-lite allows Stored XSS.This issue affects WIP WooCarousel Lite: from n/a through = 1.1.7...
CVE-2025-30769
Cross-Site Request Forgery CSRF vulnerability in alexvtn WIP WooCarousel Lite wip-woocarousel-lite allows Stored XSS.This issue affects WIP WooCarousel Lite: from n/a through = 1.1.7...
CVE-2025-30769 WordPress WIP WooCarousel Lite plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in alexvtn WIP WooCarousel Lite wip-woocarousel-lite allows Stored XSS.This issue affects WIP WooCarousel Lite: from n/a through = 1.1.7...
CVE-2025-30769
CVE-2025-30769 is a CSRF flaw in WIP WooCarousel Lite that enables stored XSS. Affected: WIP WooCarousel Lite
WordPress plugin WIP WooCarousel Lite 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site request forgery...
PT-2025-13055 · Wip · Woocarousel Lite
Name of the Vulnerable Software and Affected Versions: WIP WooCarousel Lite versions 1.1.7 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can execute malicious scripts on the victim's browser,...
WordPress WIP WooCarousel Lite plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WIP WooCarousel Lite versions = 1.1.7...
CVE-2024-11779
The WIP WooCarousel Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wipwoocarouselproductscarousel' shortcode in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-11779
CVE-2024-11779 : The WIP WooCarousel Lite WordPress plugin is vulnerable to stored XSS via the shortcode wip_woocarousel_products_carousel in all versions up to 1.1.6. Authenticated attackers with contributor-level access can inject scripts that execute when users load the injected page. The CVE ...