2336 matches found
Medium: aws-cfn-bootstrap
Issue Overview: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc...
XSS in Bootstrap button component
...
com.amazonaws.serverless:aws-serverless-java-container-struts (>=1.9 <=1.9.4), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=4.0.2 <=5.0.6) +77 more potentially affected by CVE-2025-64775 +1 more via org.apache.struts:struts2-core (>=6.0.0 <=6.7.4)
org.apache.struts:struts2-core MAVEN version =6.0.0, =1.9, =4.0.2, =4.0.2, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.3 and more Source cves: CVE-2025-64775, CVE-2025-66675https://vulne...
com.amazonaws.serverless:aws-serverless-java-container-struts2 (>=1.2 <=1.8.2), com.github.a-pz:struts2-thymeleaf3-plugin (>=1.0.3-RELEASE <=1.2.0-RELEASE) +164 more potentially affected by CVE-2025-64775 via org.apache.struts:struts2-core (>=2.5.1 <=2.5.33)
org.apache.struts:struts2-core MAVEN version =2.5.1, =1.2, =1.0.3-RELEASE, =1.1.9, =0.0.1, =6.0.0, =2.5.1, =2.5.1, =4.0.1 - com.jgeppert.struts2.jquery:struts2-jquery-chart-plugin =4.0.3 - com.jgeppert.struts2.jquery:struts2-jquery-datatables-plugin =4.0.3 -...
com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=6.0.0), com.jgeppert.struts2.bootstrap:struts2-bootstrap-showcase (=6.0.0) +53 more potentially affected by CVE-2025-64775 via org.apache.struts:struts2-core (>=7.0.0 <=7.0.3)
org.apache.struts:struts2-core MAVEN version =7.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.3 and more Source cves: CVE-2025-64775 Source advisory: OSV:GHSA-XX7V-HQXH-CJR9...
Malicious Package
Overview bootstrap-setflexcolor is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...
Malicious Package
Overview bootstrap-setcolors is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index PyPI via a domain takeover attack. Software supply chain security company ReversingLabs said it found the "vulnerabilit...
CVE-2025-11764
The Shortcodes Bootstrap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' parameter in the notification shortcode in all versions up to, and including, 1.1. This is due to missing input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-11764
CVE-2025-11764 affects the WordPress plugin Shortcodes Bootstrap (versions
CVE-2025-11764 Shortcodes Bootstrap <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Shortcodes Bootstrap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' parameter in the notification shortcode in all versions up to, and including, 1.1. This is due to missing input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-11764 Shortcodes Bootstrap <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Shortcodes Bootstrap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' parameter in the notification shortcode in all versions up to, and including, 1.1. This is due to missing input sanitization and output escaping. This makes it possible for authenticated...
EUVD-2025-198419
The Shortcodes Bootstrap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' parameter in the notification shortcode in all versions up to, and including, 1.1. This is due to missing input sanitization and output escaping. This makes it possible for authenticated...
WordPress plugin Shortcodes Bootstrap 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-47676
The Shortcodes Bootstrap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' parameter in the notification shortcode in all versions up to, and including, 1.1. This is due to missing input sanitization and output escaping. This makes it possible for authenticated...
WordPress Shortcodes Bootstrap plugin <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Shortcodes Bootstrap versions = 1.1...
EUVD-2025-178189
Malicious code in kinetic-ora-bootstrap-redshift npm...
EUVD-2025-176355
Malicious code in sirius-react-bootstrap-ignite-pegasus npm...
EUVD-2025-177387
Malicious code in package-uninstall-scorpius-react-bootstrap npm...
EUVD-2025-178680
Malicious code in got-nightwatch-despina-react-bootstrap npm...