CVE-2025-58471

CVE-2025-58471 affects QNAP Qsync Central. The issue is an allocation of resources without limits or throttling, which an admin-authenticated remote attacker could exploit to cause a denial of service by preventing other systems, applications, or processes from accessing the same type of resource...

PT-2025-48228

The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.4. This is due to the plugin not properly logging in a user with the data that was previously verified through the 'findall membership check facebook user' and the 'findall...

EUVD-2020-27452

Malware in sbrugna...

EUVD-2017-16522

Malware in sbrugna...

EUVD-2019-4097

Malware in sbrugna...

EUVD-2018-5386

Malware in sbrugna...

EUVD-2021-16137

Malware in sbrugna...

EUVD-2022-48912

Malicious code in bioql PyPI...

EUVD-2024-49116

Malicious code in bioql PyPI...

EUVD-2024-49071

Malicious code in bioql PyPI...

EUVD-2021-31420

Malicious code in bioql PyPI...

EUVD-2023-1579

Malicious code in bioql PyPI...

CVE-2022-42237

A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account...

CVE-2020-8771

The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWPJSONPREFIX causes the client to be logged in as the first account on the list of administrator accounts...

CVE-2025-47785 EMLOG SQL Injection Vulnerability

Emlog is an open source website building system. In versions up to and including 2.5.9, SQL injection occurs because the $origContent parameter in admin/articlesave.php is not strictly filtered. Since admin/articlesave.php can be accessed by ordinary registered users, this will cause SQL injectio...

CVE-2024-8349

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group...

CVE-2024-8349

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group...

CVE-2024-8349 Uncanny Groups for LearnDash <= 6.1.0.1 - Authenticated (Group Leader+) Privilege Escalation

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group...

CVE-2024-8349

CVE-2024-8349 / CVE-2024-8350 (Uncanny Groups for LearnDash, WordPress) : The WordPress plugin is vulnerable to privilege escalation via a flawed access check in the group-management REST endpoint. Authenticated users with group leader level access (and above) can add or modify group members and,...

CVE-2024-8349 Uncanny Groups for LearnDash <= 6.1.0.1 - Authenticated (Group Leader+) Privilege Escalation

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group...