com.alibaba.cloud.ai:document-parser-apache-pdfbox (>=1.0.0-M5.1 <=1.0.0-M6.1), com.alibaba.cloud.ai:document-parser-bibtex (>=1.0.0-M5.1 <=1.0.0-M6.1) +19 more potentially affected by CVE-2026-40980 via org.springframework.ai:spring-ai-pdf-document-reader (>=1.0.0-M5 <=1.0.1)

org.springframework.ai:spring-ai-pdf-document-reader MAVEN version =1.0.0-M5, =1.0.0-M5.1, =1.0.0-M5.1, =1.0.0.1, =1.0.0.1, =1.0.0.1, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.6 - com.chinagoods.framework.thinkc...

CVE-2026-34243

wenxian is a tool to generate BIBTEX files from given identifiers DOI, PMID, arXiv ID, or paper title. In versions 0.3.1 and prior, a GitHub Actions workflow uses untrusted user input from issuecomment.body directly inside a shell command, allowing potential command injection and arbitrary code...

CVE-2026-34243

wenxian is a tool to generate BIBTEX files from given identifiers DOI, PMID, arXiv ID, or paper title. In versions 0.3.1 and prior, a GitHub Actions workflow uses untrusted user input from issuecomment.body directly inside a shell command, allowing potential command injection and arbitrary code...

EUVD-2007-4485

Malware in sbrugna...

EUVD-2007-2255

Malware in sbrugna...

EUVD-2014-3698

Malware in sbrugna...

EUVD-2020-0299

Malware in sbrugna...

EUVD-2025-4842

Malicious code in bioql PyPI...

CVE-2024-12005

The WP-BibTeX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the wpbibtexoptionpage function. This makes it possible for unauthenticated attackers to inject malicious web scripts...

CVE-2019-10780

BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open...

CVE-2024-13578

The WP-BibTeX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'WpBibTeX' shortcode in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13578

The WP-BibTeX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'WpBibTeX' shortcode in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13578 WP-BibTeX <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP-BibTeX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'WpBibTeX' shortcode in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13578 WP-BibTeX <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP-BibTeX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'WpBibTeX' shortcode in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13578

CVE-2024-13578 affects the WP-BibTeX WordPress plugin. The vulnerability is a stored XSS via the plugin’s WpBibTeX shortcode in all versions up to 3.0.1, caused by insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requires authenticated access at contri...

WordPress plugin WP-BibTeX 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

WordPress WP-BibTeX plugin <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin WP-BibTeX versions = 3.0.1...

CVE-2024-12005

The WP-BibTeX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the wpbibtexoptionpage function. This makes it possible for unauthenticated attackers to inject malicious web scripts...

CVE-2024-12005

The WP-BibTeX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the wpbibtexoptionpage function. This makes it possible for unauthenticated attackers to inject malicious web scripts...

CVE-2024-12005

CVE-2024-12005 concerns the WP-BibTeX WordPress plugin. The linked documents confirm a Cross-Site Request Forgery weakness in all versions up to 3.0.1, caused by missing or incorrect nonce validation on the wp_bibtex_option_page() function. This vulnerability is described as enabling unauthentica...