CVE-2025-1289

The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

EUVD-2019-8367

Malware in sbrugna...

EUVD-2020-2899

Malware in sbrugna...

EUVD-2018-11112

Malware in sbrugna...

EUVD-2018-17466

Malware in sbrugna...

EUVD-2020-2862

Malware in sbrugna...

EUVD-2015-9171

Malware in sbrugna...

EUVD-2007-1996

Malware in sbrugna...

EUVD-2020-14971

Malware in sbrugna...

EUVD-2023-54161

Malicious code in bioql PyPI...

EUVD-2023-12968

Malicious code in bioql PyPI...

EUVD-2025-13285

Malicious code in bioql PyPI...

EUVD-2024-51361

Malicious code in bioql PyPI...

EUVD-2022-43180

Malicious code in bioql PyPI...

CVE-2024-5026

The CM Tooltip Glossary WordPress plugin before 4.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-5026

The CM Tooltip Glossary WordPress plugin before 4.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-4091 Responsive Gallery Grid < 2.3.15 - Admin+ Stored XSS

The Responsive Gallery Grid WordPress plugin before 2.3.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2024-11273

The Contact Form & SMTP Plugin for WordPress by PirateForms WordPress plugin before 2.6.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed fo...

CVE-2025-1452 Favorites < 2.3.5 - Admin+ Stored XSS

The Favorites WordPress plugin before 2.3.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2025-1452 Favorites < 2.3.5 - Admin+ Stored XSS

The Favorites WordPress plugin before 2.3.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...