15 matches found
EUVD-2024-34197
Malicious code in bioql PyPI...
EUVD-2025-8396
Malicious code in bioql PyPI...
CVE-2024-11779
The WIP WooCarousel Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wipwoocarouselproductscarousel' shortcode in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-30769
Cross-Site Request Forgery CSRF vulnerability in alexvtn WIP WooCarousel Lite wip-woocarousel-lite allows Stored XSS.This issue affects WIP WooCarousel Lite: from n/a through = 1.1.7...
CVE-2025-30769
Cross-Site Request Forgery CSRF vulnerability in alexvtn WIP WooCarousel Lite wip-woocarousel-lite allows Stored XSS.This issue affects WIP WooCarousel Lite: from n/a through = 1.1.7...
CVE-2025-30769 WordPress WIP WooCarousel Lite plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in alexvtn WIP WooCarousel Lite wip-woocarousel-lite allows Stored XSS.This issue affects WIP WooCarousel Lite: from n/a through = 1.1.7...
CVE-2025-30769
CVE-2025-30769 is a CSRF flaw in WIP WooCarousel Lite that enables stored XSS. Affected: WIP WooCarousel Lite
WordPress plugin WIP WooCarousel Lite 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site request forgery...
PT-2025-13055 · Wip · Woocarousel Lite
Name of the Vulnerable Software and Affected Versions: WIP WooCarousel Lite versions 1.1.7 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can execute malicious scripts on the victim's browser,...
WordPress WIP WooCarousel Lite plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WIP WooCarousel Lite versions = 1.1.7...
CVE-2024-11779
The WIP WooCarousel Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wipwoocarouselproductscarousel' shortcode in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-11779
CVE-2024-11779 : The WIP WooCarousel Lite WordPress plugin is vulnerable to stored XSS via the shortcode wip_woocarousel_products_carousel in all versions up to 1.1.6. Authenticated attackers with contributor-level access can inject scripts that execute when users load the injected page. The CVE ...
CVE-2024-11779 WIP WooCarousel Lite <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WIP WooCarousel Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wipwoocarouselproductscarousel' shortcode in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress plugin WIP WooCarousel Lite 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress WIP WooCarousel Lite plugin <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin WIP WooCarousel Lite versions = 1.1.6...