EUVD-2021-24808

Malware in sbrugna...

EUVD-2025-3920

Malicious code in bioql PyPI...

CVE-2024-5450

The Bug Library WordPress plugin before 2.1.1 does not check the file type on user-submitted bug reports, allowing an unauthenticated user to upload PHP files...

CVE-2024-5604

The Bug Library WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2025-24728

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yannick Lefebvre Bug Library bug-library allows Blind SQL Injection.This issue affects Bug Library: from n/a through = 2.1.4...

CVE-2025-24728

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yannick Lefebvre Bug Library bug-library allows Blind SQL Injection.This issue affects Bug Library: from n/a through = 2.1.4...

CVE-2025-24728 WordPress Bug Library plugin <= 2.1.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yannick Lefebvre Bug Library bug-library allows Blind SQL Injection.This issue affects Bug Library: from n/a through = 2.1.4...

CVE-2025-24728

CVE-2025-24728 concerns the WordPress plugin Bug Library (versions up to and including 2.1.4). The vulnerability is an SQL Injection caused by improper neutralization of special elements in SQL commands, enabling blind SQL injection. Public data shows a CVSS v3.1 base score of 8.5 (HIGH) with net...

CVE-2025-24728 WordPress Bug Library plugin <= 2.1.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yannick Lefebvre Bug Library bug-library allows Blind SQL Injection.This issue affects Bug Library: from n/a through = 2.1.4...

WordPress Bug Library plugin <= 2.1.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by stealthcopter in WordPress Plugin Bug Library versions = 2.1.4...

WordPress plugin Bug Library SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress Bug Library plugin < 2.1.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Bug Library versions 2.1.2...

CVE-2024-5604

The Bug Library WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-5604

The Bug Library WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-5604 Bug Library < 2.1.2 - Admin+ Stored XSS

The Bug Library WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-5604

The CVE-2024-5604 entry maps to the Bug Library WordPress plugin (versions before 2.1.2). The vulnerability arises because the plugin does not sanitize/escape certain settings, enabling stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e.g., multisite). Pu...

CVE-2024-5604 Bug Library < 2.1.2 - Admin+ Stored XSS

The Bug Library WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress Bug Library Plugin < 2.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Bug Library Type Plugin Vulnerable versions 2.1.2 Fixed in 2.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5604 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 33f82588687d Credits Bob Matyas Required privilege...

WordPress Bug Library plugin < 2.1.1 - Unauthenticated RCE vulnerability

Unauthenticated RCE vulnerability discovered by Bob Matyas in WordPress Plugin Bug Library versions 2.1.1...

WordPress Bug Library Plugin < 2.1.1 is vulnerable to Remote Code Execution (RCE)

Software Bug Library Type Plugin Vulnerable versions 2.1.1 Fixed in 2.1.1 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-5450 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 5f64af27fea2 Credits Bob Matyas Required privilege Unauthenticat...