69 matches found
EUVD-2025-13799
Malicious code in bioql PyPI...
EUVD-2024-28133
Malicious code in bioql PyPI...
EUVD-2024-42388
Malicious code in bioql PyPI...
EUVD-2024-30399
Malicious code in bioql PyPI...
EUVD-2025-3892
Malicious code in bioql PyPI...
EUVD-2024-29267
Malicious code in bioql PyPI...
EUVD-2022-43508
Malicious code in bioql PyPI...
EUVD-2024-37554
Malicious code in bioql PyPI...
EUVD-2025-28175
Malicious code in bioql PyPI...
CVE-2025-58192
Missing Authorization vulnerability in Xylus Themes WP Bulk Delete wp-bulk-delete allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bulk Delete: from n/a through = 1.3.6...
CVE-2025-58192
Missing Authorization vulnerability in Xylus Themes WP Bulk Delete wp-bulk-delete allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bulk Delete: from n/a through = 1.3.6...
CVE-2025-58192
Missing Authorization vulnerability in Xylus Themes WP Bulk Delete allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Bulk Delete: from n/a through 1.3.6...
CVE-2025-58192
CVE-2025-58192 affects the WordPress plugin “WP Bulk Delete” (Xylus Themes WP Bulk Delete) up to version 1.3.6. Description: missing/incorrect authorization allows bypass of access control, enabling actions that should be restricted. Impact per sources ranges from MEDIUM (CVSS 3.1 base 5.4) to lo...
PT-2025-34908 · WordPress +1 · Wordpress +1
Name of the Vulnerable Software and Affected Versions: Xylus Themes WP Bulk Delete versions through 1.3.6 Description: A missing authorization flaw exists in Xylus Themes WP Bulk Delete, allowing exploitation of incorrectly configured access control security levels. Recommendations: Update Xylus...
CVE-2025-47453
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...
CVE-2025-47453
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import allows PHP Local File Inclusion. This issue affects WP Smart Import: from n/a through 1.1.3...
CVE-2025-47453
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...
CVE-2025-47453
CVE-2025-47453 affects the WordPress plugin WP Smart Import (Xylus Themes) up to version 1.1.3, with a local file inclusion (LFI) vulnerability caused by improper control of Include/Require filename handling. Evidence in the CVE record and multiple connected sources confirms the vulnerability is ...
CVE-2025-47453 WordPress WP Smart Import plugin <= 1.1.3 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through = 1.1.3...
CVE-2024-32597
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7...