EUVD-2024-32237

Malicious code in bioql PyPI...

EUVD-2024-27149

Malicious code in bioql PyPI...

EUVD-2024-27143

Malicious code in bioql PyPI...

CVE-2024-3662

The WPZOOM Social Feed Widget & Block plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpzoominstagramcleardata function in all versions up to, and including, 2.1.13. This makes it possible for authenticated attackers, with subscriber-level access...

CVE-2024-8276

The WPZOOM Portfolio Lite – Filterable Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:wpzoom-blocks' Gutenberg block in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping...

WordPress Social Icons Widget & Block plugin < 4.2.18 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Social Icons Widget & Block by WPZOOM versions 4.2.18...

PT-2024-27098 · Wpzoom · Wpzoom Social Feed Widget & Block

Name of the Vulnerable Software and Affected Versions: WPZOOM Social Feed Widget & Block plugin for WordPress versions up to, and including, 2.1.13 Description: The issue is related to unauthorized access due to a missing capability check on the wpzoom instagram clear data function. This allows...

CVE-2024-2187 Beaver Builder Addons by WPZOOM <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget

The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonials widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...