28 matches found
EUVD-2024-29794
Malicious code in bioql PyPI...
EUVD-2024-40622
Malicious code in bioql PyPI...
EUVD-2024-40072
Malicious code in bioql PyPI...
EUVD-2022-50204
Malicious code in bioql PyPI...
EUVD-2024-40169
Malicious code in bioql PyPI...
CVE-2024-31936
Cross-Site Request Forgery CSRF vulnerability in AyeCode Ltd UsersWP.This issue affects UsersWP: from n/a before 1.2.6...
CVE-2022-47442
Improper Neutralization of Formula Elements in a CSV File vulnerability in AyeCode Ltd UsersWP.This issue affects UsersWP: from n/a through 1.2.3.9...
CVE-2024-43145
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode Ltd GeoDirectory.This issue affects GeoDirectory: from n/a through 2.3.61...
CVE-2025-24673
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in AyeCode Ketchup Shortcodes ketchup-shortcodes-pack allows Stored XSS.This issue affects Ketchup Shortcodes: from n/a through = 0.1.2...
CVE-2025-24673 WordPress Ketchup Shortcodes Plugin <= 0.1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in AyeCode Ketchup Shortcodes ketchup-shortcodes-pack allows Stored XSS.This issue affects Ketchup Shortcodes: from n/a through = 0.1.2...
CVE-2024-43973
Missing Authorization vulnerability in Stiofan GetPaid invoicing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through = 2.8.11...
CVE-2024-43277 WordPress UsersWP plugin <= 1.2.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in AyeCode Ltd UsersWP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through 1.2.15...
CVE-2024-43277
CVE-2024-43277 is a Missing Authorization (Broken Access Control) issue in the UsersWP WordPress plugin (Versions up to 1.2.15). The vulnerability arises from incorrectly configured access control security levels, enabling unauthorized access as described in the CVE entry. The affected product is...
CVE-2024-43277 WordPress UsersWP plugin <= 1.2.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in AyeCode Ltd UsersWP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through 1.2.15...
CVE-2024-43973
CVE-2024-43973 affects GetPaid (WordPress plugin) by AyeCode, with Missing Authorization via column_subscription() in versions up to 2.8.11. Public records (NVD/NVD-derived CVE feeds) confirm a broken access control allowing unauthorized activity related to GetPaid’s subscription data. PT-Securit...
CVE-2024-43973 WordPress GetPaid plugin <= 2.8.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in Stiofan GetPaid invoicing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through = 2.8.11...
CVE-2024-43145
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode Ltd GeoDirectory.This issue affects GeoDirectory: from n/a through 2.3.61...
CVE-2024-43145
CVE-2024-43145 is a SQL Injection in the WordPress plugin GeoDirectory by AyeCode Ltd. It affects GeoDirectory versions up to 2.3.61 (authenticated, Subscriber+ context in disclosures). The root cause is improper neutralization of special elements in SQL queries, allowing an attacker with subscri...
CVE-2024-43145 WordPress GeoDirectory plugin <= 2.3.61 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode Ltd GeoDirectory.This issue affects GeoDirectory: from n/a through 2.3.61...
CVE-2024-31936
Cross-Site Request Forgery CSRF vulnerability in AyeCode Ltd UsersWP.This issue affects UsersWP: from n/a before 1.2.6...