257 matches found
EUVD-2022-6370
Malicious code in bioql PyPI...
EUVD-2022-2476
Malicious code in bioql PyPI...
EUVD-2025-8110
Malicious code in bioql PyPI...
EUVD-2023-58368
Malicious code in bioql PyPI...
EUVD-2025-21756
Malicious code in bioql PyPI...
EUVD-2025-5492
Malicious code in bioql PyPI...
EUVD-2023-37181
Malicious code in bioql PyPI...
EUVD-2024-46750
Malicious code in bioql PyPI...
EUVD-2025-31692
Malicious code in bioql PyPI...
EUVD-2024-44084
Malicious code in bioql PyPI...
CVE-2025-9993
The Bei Fen – WordPress Backup Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.2 via the 'task'. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on t...
PT-2025-40060
Name of the Vulnerable Software and Affected Versions The File Manager, Code Editor, and Backup by Managefy plugin for WordPress versions prior to 1.6.2 Description The plugin is susceptible to a sensitive information exposure issue due to publicly exposed log files. This allows unauthenticated...
CVE-2025-9993
The Bei Fen – WordPress Backup Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.2 via the 'task'. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on t...
CVE-2025-9993
The CVE-2025-9993 entry concerns the Bei Fen – WordPress Backup Plugin for WordPress. It describes a Local File Inclusion (LFI) vulnerability exploitable via the task parameter in all versions up to 1.4.2, allowing authenticated users with Subscriber-level access or higher to include and execute ...
CVE-2025-9993 Bei Fen – WordPress Backup Plugin <= 1.4.2 - Authenticated (Subscriber+) Local File Inclusion
The Bei Fen – WordPress Backup Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.2 via the 'task'. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on t...
CVE-2025-10307
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete backup functionality in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with...
WordPress XM-Backup plugin <= 0.9.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin XM-Backup versions = 0.9.1...
WordPress Backup Bolt plugin <= 1.5.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Backup Bolt versions = 1.5.0...
CVE-2015-10134
The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to, and including, 2.7.10. via the downloadbackupfile function. This is due to a lack of capability checks and file type validation. This makes it possible for attackers to download sensitive files such...
CVE-2015-10134 Simple Backup <= 2.7.10 - Arbitrary File Download via Path Traversal
The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to, and including, 2.7.10. via the downloadbackupfile function. This is due to a lack of capability checks and file type validation. This makes it possible for attackers to download sensitive files such...