@accounter/server (>=0.0.0 <=0.0.3-alpha-20241114141215-09b7d417e7e139562b2a77a6eb2d990da536e1ec), @aligent/auth-module (=1.0.1) +1 more potentially affected by CVE-2026-23735 via graphql-modules (>=2.3.0 <=2.4.0)

graphql-modules NPM version =2.3.0, =0.0.0, =1.0.7, =1.0.9 Source cves: CVE-2026-23735 Source advisory: OSV:GHSA-53WG-R69P-V3R7...

CVE-2023-49162

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6...

EUVD-2023-53167

Malicious code in bioql PyPI...

CVE-2025-55998

A cross-site scripting XSS vulnerability in Smart Search & Filter Shopify and BigCommerce apps allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into several filter parameter...

Exploit for CVE-2025-55998

CVE-2025-55998 Summary | Vulnerability Details | CVE-2025...

Malicious code in bigcommerce-cornerstone (npm)

This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83db5e73ba2655c18a873f73b2875933ac9be69ba593d2b7cd4fc00e6af20bce Any computer that has this package install...

MAL-2025-122 Malicious code in bigcommerce-cornerstone (npm)

This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83db5e73ba2655c18a873f73b2875933ac9be69ba593d2b7cd4fc00e6af20bce Any computer that has this package install...

MAL-2024-11312 Malicious code in bigcommerce-monit (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in bigcommerce-monit (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2023-49162

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6...

CVE-2023-49162

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6...

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6...

CVE-2023-49162 WordPress BigCommerce Plugin <= 5.0.6 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6...

CVE-2023-49162

CVE-2023-49162 affects the BigCommerce For WordPress plugin for WordPress, in versions up to 5.0.6. The issue is Exposure of Sensitive Information to an Unauthorized Actor (log/file exposure), allowing unauthenticated access to sensitive data. Public details in connected documents indicate the vu...

WordPress plugin BigCommerce Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2023-31080 · Bigcommerce · Bigcommerce For Wordpress

Name of the Vulnerable Software and Affected Versions: BigCommerce For WordPress versions n/a through 5.0.6 Description: The issue is related to Exposure of Sensitive Information to an Unauthorized Actor. This allows unauthorized access to sensitive information. Recommendations: For BigCommerce F...

BigCommerce <= 5.0.7 - Unauthenticated Sensitive Information Exposure

Description The BigCommerce For WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.0.7. This makes it possible for unauthenticated attackers to extract sensitive data...

WordPress BigCommerce Plugin <= 5.1.1 is vulnerable to Sensitive Data Exposure

Software BigCommerce Type Plugin Vulnerable versions = 5.1.1 Fixed in N/A OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-49162 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e6538cb5a9be Credits Joshua Chan...