122 matches found
All Thrive Themes and Plugins - Unauthenticated Option Update
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...
trust-my-travel (>=0.1.0 <=0.1.2), zapier-axios (>=0.1.4 <=0.1.8) potentially affected by unknown CVE via axios-timed (=1.0.0)
axios-timed NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on axios-timed and may be impacted: - trust-my-travel =0.1.0, =0.1.4, =0.1.8 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191068...
Malicious code in @zapier/spectral-api-ruleset (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3f10a9695952f169fff0da94ca1ea47045d97dd486857aad5dbc7b608e2316b The package @zapier/spectral-api-ruleset was found to contain malicious code. Source: google-open-source-security...
Malicious code in zapier-platform-legacy-scripting-runner (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e90298308f4d64cfb41746e3f65bcdbae9f4d790f7db3034608ea5d520aa73cc The package zapier-platform-legacy-scripting-runner was found to contain malicious code. Source: google-open-source-security...
MAL-2025-190928 Malicious code in zapier-platform-legacy-scripting-runner (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e90298308f4d64cfb41746e3f65bcdbae9f4d790f7db3034608ea5d520aa73cc The package zapier-platform-legacy-scripting-runner was found to contain malicious code. Source: google-open-source-security...
EUVD-2025-198909
Malicious code in @zapier/mcp-integration npm...
MAL-2025-190917 Malicious code in @zapier/ai-actions-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0711da4a6c6d0dbc599d757b367430a63ae51f6f4fb48b6758fb21ba718b0778 The package @zapier/ai-actions-react was found to contain malicious code. Source: google-open-source-security...
Malicious code in @zapier/ai-actions-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0711da4a6c6d0dbc599d757b367430a63ae51f6f4fb48b6758fb21ba718b0778 The package @zapier/ai-actions-react was found to contain malicious code. Source: google-open-source-security...
EUVD-2025-198899
Malicious code in zapier-platform-legacy-scripting-runner npm...
EUVD-2025-198908
Malicious code in @zapier/spectral-api-ruleset npm...
EUVD-2025-198910
Malicious code in @zapier/ai-actions-react npm...
MAL-2025-190918 Malicious code in @zapier/mcp-integration (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41b2f7745be8592869c863671add1d5a04c1d33f7a2c23a54fde611a5e021226 The package @zapier/mcp-integration was found to contain malicious code. Source: google-open-source-security...
MAL-2025-190920 Malicious code in @zapier/stubtree (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8dfbd67e2e2058bdfb35bcccc34ffd8ed380f6f22fc196d18803fbca6725a04 The package @zapier/stubtree was found to contain malicious code. Source: google-open-source-security...
Malicious code in @zapier/stubtree (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8dfbd67e2e2058bdfb35bcccc34ffd8ed380f6f22fc196d18803fbca6725a04 The package @zapier/stubtree was found to contain malicious code. Source: google-open-source-security...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
@zapier/ai-actions-react (>=0.0.1 <=0.1.11) potentially affected by unknown CVE via @zapier/ai-actions (>=0.0.1 <=0.1.11)
@zapier/ai-actions NPM version =0.0.1, =0.0.1, =0.1.11 Source cves: unknown CVE Source advisory: SNYK:JS-ZAPIERAIACTIONS-14103233...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...