17 matches found
EUVD-2025-26972
Malicious code in bioql PyPI...
CVE-2025-58806
Cross-Site Request Forgery CSRF vulnerability in Tom Longridge WordPress Error Monitoring by Bugsnag bugsnag allows Stored XSS.This issue affects WordPress Error Monitoring by Bugsnag: from n/a through = 1.6.3...
CVE-2025-58806
Cross-Site Request Forgery CSRF vulnerability in Tom Longridge WordPress Error Monitoring by Bugsnag bugsnag allows Stored XSS.This issue affects WordPress Error Monitoring by Bugsnag: from n/a through = 1.6.3...
CVE-2025-58806 WordPress WordPress Error Monitoring by Bugsnag Plugin <= 1.6.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Tom Longridge WordPress Error Monitoring by Bugsnag bugsnag allows Stored XSS.This issue affects WordPress Error Monitoring by Bugsnag: from n/a through = 1.6.3...
CVE-2025-58806
CVE-2025-58806 affects the WordPress plugin “BugSnag Error Monitoring” (WordPress Error Monitoring by Bugsnag). The vulnerability is a CSRF that also enables stored XSS, affecting versions up to and including 1.6.3 (from n/a through 1.6.3). The CVSS base vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C...
CVE-2025-58806 WordPress WordPress Error Monitoring by Bugsnag Plugin <= 1.6.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Tom Longridge WordPress Error Monitoring by Bugsnag bugsnag allows Stored XSS.This issue affects WordPress Error Monitoring by Bugsnag: from n/a through = 1.6.3...
WordPress WordPress Error Monitoring by Bugsnag Plugin <= 1.6.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WordPress Error Monitoring by Bugsnag versions = 1.6.3...
WordPress plugin WordPress Error Monitoring by Bugsnag 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin WordPress Error Monitoring by...
PT-2025-36145
Name of the Vulnerable Software and Affected Versions: imjoehaines WordPress Error Monitoring by Bugsnag versions through 1.6.3 Description: The software contains a Cross-Site Request Forgery CSRF vulnerability that also allows for Stored Cross-Site Scripting XSS. Recommendations: Update...
Malicious code in bugsnag-plugin-react (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-5805 Malicious code in bugsnag-plugin-react (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in @harrysforge/gatsby-plugin-bugsnag (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 50cfb74b7280a6b4678523b7822c12d047a189fad85f0961cf1c2c943708d360 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3386 Malicious code in glip-integration-bugsnag (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e020d4fb98e12a0ab4d7269fe953ccd7c86fb2cf1e53f4bf9cc66a4e8c27076 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in glip-integration-bugsnag (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e020d4fb98e12a0ab4d7269fe953ccd7c86fb2cf1e53f4bf9cc66a4e8c27076 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Doppler VDP: Stored XSS in [https://dashboard.doppler.com/workplace/*/logs] pages
Summary: I have found a stored XSS vulnerability in the following config setting page. https://dashboard.doppler.com/workplace//projects/example-project/configs/dev/logs When you invite other users to the workspace, the xss could be used to exploit other users also. Steps To Reproduce: 1 . Visit...
Bugsnag - Critical - Unsupported - SA-CONTRIB-2019-081
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466procedure---own-project---unsupported...
Secret: secret app for iOS and android is sending some info over HTTP
POC for android: POST /metrics HTTP/1.1 Content-Type: application/json User-Agent: Dalvik/1.6.0 Linux; U; Android 4.2.2; googlesdk Build/JBMR1.1 Host: notify.bugsnag.com Connection: Keep-Alive Accept-Encoding: gzip Content-Length: 468...