19 matches found
EUVD-2024-46014
Malicious code in bioql PyPI...
EUVD-2025-28362
Malicious code in bioql PyPI...
CVE-2025-50037
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows DOM-Based XSS.This issue affects Buying Buddy IDX CRM: from n/a through = 2.3.0...
CVE-2025-50037
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows DOM-Based XSS.This issue affects Buying Buddy IDX CRM: from n/a through = 2.3.0...
CVE-2025-50037 WordPress Buying Buddy IDX CRM plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows DOM-Based XSS.This issue affects Buying Buddy IDX CRM: from n/a through = 2.3.0...
CVE-2025-50037
CVE-2025-50037 is a DOM-based Cross‑Site Scripting vulnerability in the WordPress plugin Buying Buddy IDX CRM (versions through 2.3.0). The issue arises from improper neutralization of input during web page generation, enabling arbitrary scripts to run in a victim’s browser. Impact per sources: p...
CVE-2025-50037 WordPress Buying Buddy IDX CRM plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Buying Buddy Buying Buddy IDX CRM allows DOM-Based XSS. This issue affects Buying Buddy IDX CRM: from n/a through 2.3.0...
PT-2025-26390 · Unknown · Buying Buddy Idx Crm
Name of the Vulnerable Software and Affected Versions: Buying Buddy IDX CRM versions through 2.3.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This enables potential attackers to...
WordPress plugin Buying Buddy IDX CRM 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Buying Buddy IDX CRM plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...
WordPress Buying Buddy IDX CRM plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Buying Buddy IDX CRM versions = 2.3.0...
CVE-2024-52446
Cross-Site Request Forgery CSRF vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through = 1.2.8...
CVE-2024-52446
Cross-Site Request Forgery CSRF vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through = 1.2.8...
CVE-2024-52446
CVE-2024-52446 is a CSRF to PHP Object Injection vulnerability affecting the Buying Buddy IDX CRM WordPress plugin (affected: <= 1.1.12). The core issue is CSRF-enabled object injection, enabling an attacker to trigger unintended object deserialization via forged requests. Public references fr...
CVE-2024-52446 WordPress Buying Buddy IDX CRM plugin <= 1.1.12 - CSRF to PHP Object Injection vulnerability
Cross-Site Request Forgery CSRF vulnerability in Buying Buddy Buying Buddy IDX CRM allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through 1.1.12...
CVE-2024-52446 WordPress Buying Buddy IDX CRM plugin <= 1.2.8 - CSRF to PHP Object Injection vulnerability
Cross-Site Request Forgery CSRF vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through = 1.2.8...
WordPress plugin Buying Buddy IDX CRM 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2024-35286 · Unknown · Buying Buddy Idx Crm
Name of the Vulnerable Software and Affected Versions: Buying Buddy IDX CRM versions 1.1.12 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Object Injection in Buying Buddy IDX CRM. Recommendations: For versions 1.1.12 and earlier, update to a...
WordPress Buying Buddy IDX CRM plugin <= 1.2.8 - CSRF to PHP Object Injection vulnerability
CSRF to PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Buying Buddy IDX CRM versions = 1.2.8...
WordPress Buying Buddy IDX CRM Plugin <= 1.1.12 is vulnerable to Cross Site Request Forgery (CSRF)
Software Buying Buddy IDX CRM Type Plugin Vulnerable versions = 1.1.12 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-52446 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 6670b1d35a14 Credits Mika Required...