WordPress Customize Login Image <3.5.3 - Cross-Site Scripting

WordPress Customize Login Image plugin prior to 3.5.3 contains a cross-site scripting vulnerability via the custom logo link on the Settings page. This can allow an attacker to steal cookie-based authentication credentials and launch other attacks. id: CVE-2021-33851 info: name: WordPress Customi...

CVE-2023-49197

Cross-Site Request Forgery CSRF vulnerability in Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case.This issue affects DoFollow Case by Case: from n/a through 3.4.2...

PT-2025-49996

Cross-Site Request Forgery CSRF vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Cross Site Request Forgery.This issue affects DoFollow Case by Case: from n/a through = 3.5.1...

EUVD-2022-40673

Malicious code in bioql PyPI...

EUVD-2023-48506

Malicious code in bioql PyPI...

EUVD-2025-13759

Malicious code in bioql PyPI...

EUVD-2023-53202

Malicious code in bioql PyPI...

CVE-2023-44147

Missing Authorization vulnerability in apasionados Comment Blacklist Updater comment-blacklist-updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comment Blacklist Updater: from n/a through = 1.1.0...

CVE-2025-47626

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in apasionados Submission DOM tracking for Contact Form 7 allows Stored XSS. This issue affects Submission DOM tracking for Contact Form 7: from n/a through 2.0...

CVE-2025-47625

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in apasionados DoFollow Case by Case allows Stored XSS. This issue affects DoFollow Case by Case: from n/a through 3.5.1...

CVE-2025-47624

Cross-Site Request Forgery CSRF vulnerability in apasionados DoFollow Case by Case allows Cross Site Request Forgery. This issue affects DoFollow Case by Case: from n/a through 3.5.1...

PT-2025-20188 · Unknown · Apasionados Email Notification On Login

Name of the Vulnerable Software and Affected Versions: apasionados Email Notification on Login versions n/a through 1.6.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that ...

PT-2025-20192 · Unknown · Apasionados Submission Dom Tracking For Contact Form 7

Name of the Vulnerable Software and Affected Versions: apasionados Submission DOM tracking for Contact Form 7 versions n/a through 2.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS i...

CVE-2023-44147 WordPress Comment Blacklist Updater plugin <= 1.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in apasionados Comment Blacklist Updater comment-blacklist-updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comment Blacklist Updater: from n/a through = 1.1.0...

CVE-2023-49197

Cross-Site Request Forgery CSRF vulnerability in Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case.This issue affects DoFollow Case by Case: from n/a through 3.4.2...

CVE-2023-49197

Cross-Site Request Forgery CSRF vulnerability in Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case.This issue affects DoFollow Case by Case: from n/a through 3.4.2...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case.This issue affects DoFollow Case by Case: from n/a through 3.4.2...

CVE-2023-49197 WordPress DoFollow Case by Case Plugin <= 3.4.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case.This issue affects DoFollow Case by Case: from n/a through 3.4.2...

CVE-2023-49197

CVE-2023-49197 affects the WordPress DoFollow Case by Case plugin up to version 3.4.2, with a Cross-Site Request Forgery (CSRF) vulnerability. The issue is resolved in version 3.5.0. According to sources, exploitation could occur without privileged access and may require user interaction, with hi...

CVE-2022-38068

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Apasionados Export Post Info plugin = 1.1.0 at WordPress...