25 matches found

RedhatCVE
added 2026/01/07 9:54 a.m. · 5 views

CVE-2025-1288

The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make an unauthenticated user vulnerable to reflected XSS via a CSRF attack...

CVSS 6.1 · AI score 5.9 · EPSS 0.00077
Exploits: 1 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2025-2811

Malicious code in bioql PyPI...

CVSS 7.6 · AI score 8.7 · EPSS 0.00078
Exploits: 0 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-3558

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 8.7 · EPSS 0.0025
Exploits: 0 · References: 1

Patchstack
added 2025/05/19 4:5 a.m. · 3 views

WordPress wooexim plugin <= 5.0.0 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin WOOEXIM versions <= 5.0.0...

CVSS 6.1 · AI score 6.4 · EPSS 0.00077
Exploits: 1 · References: 1 · Affected Software: 1

NVD
added 2025/05/15 8:16 p.m. · 7 views

CVE-2025-1288

The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make an unauthenticated user vulnerable to reflected XSS via a CSRF attack...

CVSS 6.1 · EPSS 0.00077
Exploits: 1 · References: 1

Cvelist
added 2025/05/15 8:7 p.m. · 8 views

CVE-2025-1288 wooexim <= 5.0.0 - CSRF to Reflected XSS

The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make an unauthenticated user vulnerable to reflected XSS via a CSRF attack...

EPSS 0.00077
Exploits: 1 · References: 1

Vulnrichment
added 2025/05/15 8:7 p.m. · 5 views

CVE-2025-1288 wooexim <= 5.0.0 - CSRF to Reflected XSS

The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make an unauthenticated user vulnerable to reflected XSS via a CSRF attack...

AI score 6.1 · EPSS 0.00077
Exploits: 1 · References: 1

CVE
added 2025/05/15 8:7 p.m. · 31 views

CVE-2025-1288

The connected sources confirm a vulnerability in the WOOEXIM WordPress plugin (versions before 5.0.0) where CSRF is not consistently checked and inputs lack proper sanitisation and escaping. This can allow an unauthenticated attacker to trigger a reflected XSS via CSRF, potentially affecting page...

CVSS 6.1 · AI score 6 · EPSS 0.00077
Exploits: 1 · References: 1 · Affected Software: 1

Positive Technologies
added 2025/05/15 12:0 a.m. · 3 views

PT-2025-21561 · WordPress · Wooexim

Name of the Vulnerable Software and Affected Versions: WOOEXIM plugin for WordPress versions prior to 5.0.0 Description: The issue concerns the lack of CSRF verification and proper sanitization and escaping in certain areas of the plugin, which could allow attackers to exploit unauthenticated use...

CVSS 6.1 · AI score 6.1 · EPSS 0.00077
Exploits: 1 · References: 4

CNNVD
added 2025/05/15 12:0 a.m. · 2 views

WordPress plugin WOOEXIM security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 6.1 · AI score 6 · EPSS 0.00077
Exploits: 1 · References: 1

RedhatCVE
added 2025/02/06 2:55 a.m. · 5 views

CVE-2025-23944

Deserialization of Untrusted Data vulnerability in bulktheme WOOEXIM wooexim allows Object Injection. This issue affects WOOEXIM: from n/a through <= 5.0.0...

CVSS 8.8 · AI score 7.2 · EPSS 0.0025
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/06 2:20 a.m. · 2 views

CVE-2025-22533

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bulktheme WOOEXIM wooexim allows SQL Injection. This issue affects WOOEXIM: from n/a through <= 5.0.0...

CVSS 7.6 · AI score 7.3 · EPSS 0.00078
Exploits: 0 · References: 1

NVD
added 2025/01/22 3:15 p.m. · 9 views

CVE-2025-23944

Deserialization of Untrusted Data vulnerability in bulktheme WOOEXIM wooexim allows Object Injection. This issue affects WOOEXIM: from n/a through <= 5.0.0...

CVSS 8.8 · EPSS 0.0025
Exploits: 0 · References: 1

Vulnrichment
added 2025/01/22 2:29 p.m. · 8 views

CVE-2025-23944 WordPress WOOEXIM Plugin <= 5.0.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in bulktheme WOOEXIM wooexim allows Object Injection. This issue affects WOOEXIM: from n/a through <= 5.0.0...

CVSS 8.8 · AI score 7.2 · EPSS 0.0025
Exploits: 0 · References: 1

Cvelist
added 2025/01/22 2:29 p.m. · 16 views

CVE-2025-23944 WordPress WOOEXIM Plugin <= 5.0.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in bulktheme WOOEXIM wooexim allows Object Injection. This issue affects WOOEXIM: from n/a through <= 5.0.0...

CVSS 8.8 · EPSS 0.0025
Exploits: 0 · References: 1

CVE
added 2025/01/22 2:29 p.m. · 47 views

CVE-2025-23944

CVE-2025-23944 relates to WOOEXIM – WooCommerce Export Import Plugin (

CVSS 8.8 · AI score 7.2 · EPSS 0.0025
Exploits: 0 · References: 1

Positive Technologies
added 2025/01/22 12:0 a.m. · 3 views

PT-2025-5222 · Wooexim · Wooexim

Name of the Vulnerable Software and Affected Versions: WOOEXIM versions n/a through 5.0.0 Description: The issue is related to the deserialization of untrusted data, allowing object injection. This can lead to a deserialization attack, potentially permitting an attacker to inject malicious object...

CVSS 8.8 · AI score 9.8 · EPSS 0.0025
Exploits: 0 · References: 6

CNNVD
added 2025/01/22 12:0 a.m. · 2 views

WordPress plugin WOOEXIM code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue...

CVSS 8.8 · AI score 8.4 · EPSS 0.0025
Exploits: 0 · References: 2

Patchstack
added 2025/01/16 6:43 p.m. · 3 views

WordPress WOOEXIM Plugin <= 5.0.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WOOEXIM versions <= 5.0.0...

CVSS 8.8 · AI score 7.3 · EPSS 0.0025
Exploits: 0 · Affected Software: 1

Vulnrichment
added 2025/01/07 2:57 p.m. · 12 views

CVE-2025-22533 WordPress WOOEXIM Plugin <= 5.0.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bulktheme WOOEXIM wooexim allows SQL Injection. This issue affects WOOEXIM: from n/a through <= 5.0.0...

CVSS 7.6 · AI score 8.9 · EPSS 0.00078
Exploits: 0 · References: 1