EUVD-2021-28078

Malicious code in bioql PyPI...

EUVD-2023-34526

Malicious code in bioql PyPI...

EUVD-2024-22635

Malicious code in bioql PyPI...

EUVD-2021-8177

Malicious code in bioql PyPI...

EUVD-2025-21401

Malicious code in bioql PyPI...

EUVD-2024-42690

Malicious code in bioql PyPI...

EUVD-2023-39962

Malicious code in bioql PyPI...

EUVD-2024-49417

Malicious code in bioql PyPI...

EUVD-2022-15385

Malicious code in bioql PyPI...

EUVD-2023-50614

Malicious code in bioql PyPI...

EUVD-2023-41701

Malicious code in bioql PyPI...

EUVD-2022-31834

Malicious code in bioql PyPI...

EUVD-2021-8199

Malicious code in bioql PyPI...

WordPress plugin Fintelligence Calculator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Fintelligence Calculator plugin, which stems from a lack of valid filtering and escaping of the...

CVE-2025-56379

A stored cross-site scripting XSS vulnerability in the blog post feature of ERPNEXT v15.67.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the content field...

WordPress plugin BP Direct Menus 跨站脚本漏洞

WordPress BP Direct Menus plugin is a menu management plugin for WordPress, which is mainly used to realize the quick jump function of menu items. WordPress BP Direct Menus plugin has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of the bpdmlogi...

CVE-2025-10490

The Zephyr Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.3.202 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

CVE-2025-8906

The Widgets for Tiktok Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'trustindex-feed' shortcode in all versions up to, and including, 1.7.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Plugin Ads by WPQuads Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Ads by WPQuads has a cross-site scripting vulnerability that stems from the...

Stored Cross-site Scripting (XSS)

com.liferay, com.liferay.plugins.admin.web is vulnerable to Stored Cross-Site Scripting XSS. The vulnerability is due to improper input sanitization in the components tab, which allows an attacker to inject and execute arbitrary web scripts or HTML in the victim’s browser...