83 matches found
EUVD-2024-44053
Malicious code in bioql PyPI...
EUVD-2024-0997
Malicious code in bioql PyPI...
EUVD-2023-25958
Malicious code in bioql PyPI...
EUVD-2023-27490
Malicious code in bioql PyPI...
EUVD-2024-27490
Malicious code in bioql PyPI...
EUVD-2023-25948
Malicious code in bioql PyPI...
EUVD-2023-25947
Malicious code in bioql PyPI...
EUVD-2024-45908
Malicious code in bioql PyPI...
EUVD-2024-2857
Malicious code in bioql PyPI...
EUVD-2023-40716
Malicious code in bioql PyPI...
EUVD-2023-25951
Malicious code in bioql PyPI...
CVE-2025-58198
Missing Authorization vulnerability in Xpro Xpro Theme Builder xpro-theme-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Theme Builder: from n/a through = 1.2.9...
PT-2025-34746
Name of the Vulnerable Software and Affected Versions: Delta Electronics EIP Builder version 1.11 Description: Delta Electronics EIP Builder version 1.11 is susceptible to a file parsing XML External Entity XXE processing information disclosure issue. This allows for the potential disclosure of...
CVE-2025-54678
CVE-2025-54678 is an SQL Injection vulnerability in the WordPress plugin Easy Form Builder (versions up to 3.8.15). The flaw is described as improper neutralization of special elements used in an SQL command (blind SQL injection). Public references (Patchstack, Red Hat, CVE list) confirm the affe...
CVE-2025-6747
The Avada Fusion Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fusionmap' shortcode in all versions up to, and including, 3.12.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-6747 Avada (Fusion) Builder <= 3.12.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Avada Fusion Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fusionmap' shortcode in all versions up to, and including, 3.12.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-4965
The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Builder feature in all versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...
CVE-2025-52711
CVE-2025-52711 is a CSRF vulnerability affecting WordPress plugin Post and Page Builder by BoldGrid – Visual Drag and Drop Editor, version 1.27.8 and earlier. The CVE entry is supported by multiple sources (NVD, CVE.org, Red Hat and Patchstack). Impact is described as Cross Site Request Forgery w...
CVE-2025-5286
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘additionalsettings’ parameter in all versions up to, and including, 5.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-46488 WordPress Visual Builder plugin <= 1.2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in dastan800 Visual Builder visual-builder allows Reflected XSS.This issue affects Visual Builder: from n/a through = 1.2.2...