Malicious code in angular-identity-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54c4b1fd6456e049589f15a4f03fe3fdb5370f3e9d0d66e8664835e3c7cb5f0a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in appauth-angular-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 42efa6fffab7cf932595ca803e264928de2ca477fd0603ac14dbe52250cd10d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1571 Malicious code in appauth-angular-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 42efa6fffab7cf932595ca803e264928de2ca477fd0603ac14dbe52250cd10d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@mythpe/js-helpers (>=4.0.45 <=4.0.99), @ng-zi/extensions (>=18.0.20 <=18.0.24) +4 more potentially affected by CVE-2025-25299 via ckeditor5-premium-features (>=42.0.2 <=43.3.1)

ckeditor5-premium-features NPM version =42.0.2, =4.0.45, =18.0.20, =0.0.8, =1.0.8, =1.0.10 - htmljs-code =44.0.30 - markdownvue3demo =0.0.1 Source cves: CVE-2025-25299 Source advisory: OSV:GHSA-J3MM-WMFM-MWVH...

CVE-2025-23658

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tauhidul Alam Advanced Angular Contact Form advanced-angular-contact-form allows Reflected XSS.This issue affects Advanced Angular Contact Form: from n/a through = 1.1.0...

CVE-2025-23658

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tauhidul Alam Advanced Angular Contact Form advanced-angular-contact-form allows Reflected XSS.This issue affects Advanced Angular Contact Form: from n/a through = 1.1.0...

CVE-2025-23658 WordPress Advanced Angular Contact Form plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tauhidul Alam Advanced Angular Contact Form advanced-angular-contact-form allows Reflected XSS.This issue affects Advanced Angular Contact Form: from n/a through = 1.1.0...

CVE-2025-23658 WordPress Advanced Angular Contact Form plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tauhidul Alam Advanced Angular Contact Form allows Reflected XSS. This issue affects Advanced Angular Contact Form: from n/a through 1.1.0...

CVE-2025-23658

CVE-2025-23658: Reflected XSS in WordPress plugin Advanced Angular Contact Form (

WordPress plugin Advanced Angular Contact Form 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

CVE-2020-5219

Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compileuserControlledInput where userControlledInput is text that comes from user input. If running angular-expressions in the browser, an attacker could run any browser script when the...

MAL-2025-1182 Malicious code in traceviz-angular-trace (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc7506396340e0fbf5af727101b0de36f0206b339fe3d96829af17496da4b406 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in traceviz-angular-trace (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc7506396340e0fbf5af727101b0de36f0206b339fe3d96829af17496da4b406 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-330 Malicious code in angular-blockchain-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d57e81ada5d84957a71a8517f91acfb92043935f30ce2427748fcc55b5514d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in angular-blockchain-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d57e81ada5d84957a71a8517f91acfb92043935f30ce2427748fcc55b5514d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in aem-angular-editable-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fca4a582054bbff21e69768e3b5934e358df88c79f61073e65cf4272a8510544 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-268 Malicious code in aem-angular-editable-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fca4a582054bbff21e69768e3b5934e358df88c79f61073e65cf4272a8510544 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@wcd/gqio.angular-element-starter-kit (=0.1.0), @wcd/gqio.angular-element-todo (=0.1.0) potentially affected by unknown CVE via platform-browser-dynamic (=0.0.1-security)

platform-browser-dynamic NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on platform-browser-dynamic and may be impacted: - @wcd/gqio.angular-element-starter-kit =0.1.0 - @wcd/gqio.angular-element-todo =0.1.0 Source cves: unkno...

WordPress Advanced Angular Contact Form plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Advanced Angular Contact Form versions = 1.1.0...

Arbitrary Code Execution (ACE)

angular-expressions is vulnerable to Arbitrary Code Execution ACE. The vulnerability is due to ability to escape the sandbox through a malicious expression, allowing an attacker to execute arbitrary code on the system...