Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-25005

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00561EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/17 8:29 a.m.16 views

CVE-2025-7650

The BizCalendar Web plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.0.53 via the 'bizcalv' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the...

7.5CVSS6.5AI score0.00561EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/15 8:25 a.m.12 views

CVE-2025-7650 BizCalendar Web <= 1.1.0.53 - Authenticated (Contributor+) Local File Inclusion

The BizCalendar Web plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.0.53 via the 'bizcalv' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the...

7.5CVSS0.00561EPSS
Exploits0References3
CVE
CVE
added 2025/08/15 8:25 a.m.27 views

CVE-2025-7650

The CVE-2025-7650 entry concerns the BizCalendar Web WordPress plugin (versions up to 1.1.0.50) and describes an Authenticated (Contributor+) Local File Inclusion via the bizcalv shortcode. The underlying risk is that an authenticated attacker with Contributor-level access can include and execute...

7.5CVSS6.5AI score0.00561EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 8:21 a.m.4 views

CVE-2024-1780

The BizCalendar Web plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.1.0.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6.1AI score0.00585EPSS
Exploits0References1
Rows per page
Query Builder