37 matches found
EUVD-2025-17190
Malicious code in bioql PyPI...
EUVD-2024-50650
Malicious code in bioql PyPI...
EUVD-2025-24903
Malicious code in bioql PyPI...
CVE-2025-53582
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordLift WordLift wordlift allows Stored XSS.This issue affects WordLift: from n/a through = 3.54.5...
CVE-2025-53582
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordLift WordLift wordlift allows Stored XSS.This issue affects WordLift: from n/a through = 3.54.5...
CVE-2025-53582 WordPress WordLift Plugin <= 3.54.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordLift WordLift wordlift allows Stored XSS.This issue affects WordLift: from n/a through = 3.54.5...
CVE-2025-53582
CVE-2025-53582 is a stored XSS vulnerability in WordLift WordLift (WordLift plugin) affecting versions up to 3.54.5. The issue arises from improper neutralization of input during web page generation. Reports from Patchstack/Wordfence/CVEs indicate a patch version beyond 3.54.5 is available, and W...
CVE-2025-53582 WordPress WordLift Plugin <= 3.54.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordLift WordLift wordlift allows Stored XSS.This issue affects WordLift: from n/a through = 3.54.5...
WordPress WordLift Plugin <= 3.54.5 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin WordLift versions = 3.54.5...
PT-2025-33378 · WordPress · Wordlift
Name of the Vulnerable Software and Affected Versions: WordLift versions through 3.54.5 Description: WordLift is susceptible to a cross-site scripting XSS issue that allows for stored XSS attacks. This occurs due to improper neutralization of input during web page generation. Recommendations:...
WordPress plugin WordLift 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
CVE-2025-30624
Missing Authorization vulnerability in WordLift WordLift wordlift allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordLift: from n/a through = 3.54.4...
CVE-2025-30624
Missing Authorization vulnerability in WordLift WordLift wordlift allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordLift: from n/a through = 3.54.4...
CVE-2025-30624 WordPress WordLift plugin <= 3.54.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WordLift WordLift wordlift allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordLift: from n/a through = 3.54.4...
CVE-2025-30624
CVE-2025-30624 (WordLift) is a Missing Authorization vulnerability in the WordLift WordLift WordPress plugin. The issue stems from incorrectly configured access control security levels. Affected versions are from n/a through 3.54.4. CVSS v3.1 base score is 4.3 (Medium) with vectors AV:N/AC:L/PR:L...
CVE-2025-30624 WordPress WordLift plugin <= 3.54.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WordLift WordLift wordlift allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordLift: from n/a through = 3.54.4...
WordPress plugin WordLift 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2025-24146 · Wordlift · Wordlift
Name of the Vulnerable Software and Affected Versions: WordLift versions 3.54.4 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For WordLift versions 3.54.4 and...
CVE-2024-12176
The WordLift – AI powered SEO – Schema plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'wlconfigplugin' AJAX action in all versions up to, and including, 3.54.2. This makes it possible for unauthenticated attackers to update the plugin's settings...
CVE-2022-3069
The WordLift WordPress plugin before 3.37.2 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...