PT-2026-45887

The Passeum Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.0. This is due to the get shop url method returning the shop name setting value without sanitization when it begins with "http", combined with insufficient validation in...

CVE-2025-70842

A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...

CVE-2017-12947

classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators...

EUVD-2019-3295

Malware in sbrugna...

EUVD-2019-2929

Malware in sbrugna...

EUVD-2016-10190

Malware in sbrugna...

EUVD-2016-10439

Malware in sbrugna...

EUVD-2017-4470

Malware in sbrugna...

EUVD-2017-4495

Malware in sbrugna...

EUVD-2019-13380

Malware in sbrugna...

EUVD-2017-7351

Malware in sbrugna...

EUVD-2020-7250

Malware in sbrugna...

EUVD-2020-23255

Malware in sbrugna...

EUVD-2019-19281

Malware in sbrugna...

EUVD-2022-25053

Malicious code in bioql PyPI...

EUVD-2024-2553

Malicious code in bioql PyPI...

EUVD-2023-31765

Malicious code in bioql PyPI...

EUVD-2023-31764

Malicious code in bioql PyPI...

EUVD-2023-31759

Malicious code in bioql PyPI...

EUVD-2023-29825

Malicious code in bioql PyPI...