EUVD-2025-10837

Malicious code in bioql PyPI...

EUVD-2025-11725

Malicious code in bioql PyPI...

CVE-2025-32653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lee Blue Cart66 Cloud cart66-cloud allows Reflected XSS.This issue affects Cart66 Cloud: from n/a through = 2.3.7...

CVE-2025-32653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lee Blue Cart66 Cloud cart66-cloud allows Reflected XSS.This issue affects Cart66 Cloud: from n/a through = 2.3.7...

CVE-2025-32653 WordPress Cart66 Cloud Plugin <= 2.3.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lee Blue Cart66 Cloud cart66-cloud allows Reflected XSS.This issue affects Cart66 Cloud: from n/a through = 2.3.7...

CVE-2025-32653

CVE-2025-32653 is a Reflected XSS in WordPress Cart66 Cloud (Lee Blue Cart66 Cloud) affecting Cart66 Cloud versions up to 2.3.7. The issue arises from improper input neutralization during web page generation, enabling reflected script execution. Public sources (NVD/Red Hat/ CVE lists) corroborate...

CVE-2025-32653 WordPress Cart66 Cloud Plugin <= 2.3.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lee Blue Cart66 Cloud allows Reflected XSS. This issue affects Cart66 Cloud: from n/a through 2.3.7...

WordPress plugin Cart66 Cloud 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17159 · Unknown · Cart66 Cloud

Name of the Vulnerable Software and Affected Versions: Cart66 Cloud versions 2.3.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means an attacker can inject...

CVE-2025-2841

The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

CVE-2025-2841

The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

CVE-2025-2841 Cart66 Cloud <= 2.3.7 - Unauthenticated Information Exposure

The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

CVE-2025-2841

CVE-2025-2841 affects Cart66 Cloud for WordPress (up to version 2.3.7). It enables unauthenticated access to phpinfo.php, exposing potentially sensitive information. As per Wordfence, this entry is currently Unpatched; no mitigation details are provided in the supplied docs.

CVE-2025-2841 Cart66 Cloud <= 2.3.7 - Unauthenticated Information Exposure

The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

WordPress plugin Cart66 Cloud 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

PT-2025-16160 · WordPress · Cart66 Cloud

Name of the Vulnerable Software and Affected Versions: Cart66 Cloud plugin for WordPress versions 2.3.7 and earlier Description: The issue allows unauthenticated attackers to view potentially sensitive information contained in an exposed file through the publicly accessible phpinfo.php script...

WordPress Cart66 Cloud plugin <= 2.3.7 - Unauthenticated Information Exposure vulnerability

Unauthenticated Information Exposure vulnerability discovered by Avraham Shemesh in WordPress Plugin Cart66 Cloud versions = 2.3.7...

WordPress Cart66 Cloud Plugin <= 2.3.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Cart66 Cloud versions = 2.3.7...