87 matches found
EUVD-2024-28408
Malicious code in bioql PyPI...
EUVD-2023-50534
Malicious code in bioql PyPI...
EUVD-2024-34872
Malicious code in bioql PyPI...
EUVD-2025-18085
Malicious code in bioql PyPI...
EUVD-2024-48353
Malicious code in bioql PyPI...
EUVD-2023-37182
Malicious code in bioql PyPI...
EUVD-2024-42546
Malicious code in bioql PyPI...
CVE-2025-4666
The Zotpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nickname’ parameter in all versions up to, and including, 7.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
WordPress ZotPress plugin <= 7.3.15 - Authenticated (Author+) Stored Cross-Site Scripting via 'nickname' vulnerability
Authenticated Author+ Stored Cross-Site Scripting via 'nickname' vulnerability discovered by mohamed hamadou ZoeniX in WordPress Plugin Zotpress versions = 7.3.15...
CVE-2025-4666
The Zotpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nickname’ parameter in all versions up to, and including, 7.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
CVE-2025-4666
CVE-2025-4666 (Zotpress for WordPress) : Stored Cross-Site Scripting via the nickname parameter affects Zotpress versions up to 7.3.15. Reported as exploitable by authenticated attackers with Author-level access and above. Root cause: insufficient input sanitization/output escaping. Impact: scrip...
CVE-2025-4666 ZotPress <= 7.3.15 - Authenticated (Author+) Stored Cross-Site Scripting via 'nickname'
The Zotpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nickname’ parameter in all versions up to, and including, 7.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
CVE-2025-4666 ZotPress <= 7.3.15 - Authenticated (Author+) Stored Cross-Site Scripting via 'nickname'
The Zotpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nickname’ parameter in all versions up to, and including, 7.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
PT-2025-25179 · WordPress · Zotpress
Name of the Vulnerable Software and Affected Versions: Zotpress plugin for WordPress versions up to, and including, 7.3.15 Description: The issue is related to Stored Cross-Site Scripting via the nickname parameter due to insufficient input sanitization and output escaping. This allows...
WordPress plugin Zotpress 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
CVE-2024-7429
The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ZotpressprocessaccountsAJAX function in all versions up to, and including, 7.3.12. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2024-34569
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Katie Zotpress zotpress.This issue affects Zotpress: from n/a through = 7.3.9...
CVE-2024-47621
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Katie Zotpress zotpress allows Stored XSS.This issue affects Zotpress: from n/a through = 7.3.10...
CVE-2023-32961
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Katie Seaborn Zotpress plugin = 7.3.3 versions...
CVE-2024-30488
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Katie Zotpress zotpress.This issue affects Zotpress: from n/a through = 7.3.7...