PT-2026-33013

Name of the Vulnerable Software and Affected Versions VI: Include Post By versions prior to 0.4.200706 Description Stored Cross-Site Scripting occurs due to insufficient input sanitization and output escaping on user supplied attributes. Authenticated attackers with contributor-level access and...

WordPress Analytics Cat plugin <= 1.1.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Analytics Cat versions = 1.1.2...

EUVD-2024-49387

Malicious code in bioql PyPI...

EUVD-2024-49252

Malicious code in bioql PyPI...

EUVD-2022-32343

Malicious code in bioql PyPI...

CVE-2024-8544

The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary...

CVE-2021-24922

The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to make a logged in admin change them and perform Cross-Site Scripting attacks...

CVE-2021-24972

The Pixel Cat WordPress plugin before 2.6.3 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

CVE-2021-24788

The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actions, which both require authentication but are available for all roles. As a result, any authenticated user including simple subscribers can add/set/delete arbitrary categories to posts...

WordPress Quiz Cat plugin <= 3.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Quiz Cat versions = 3.0.8...

CVE-2025-30877 WordPress Quiz Cat plugin <= 3.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in fatcatapps Quiz Cat quiz-cat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz Cat: from n/a through = 3.0.8...

WordPress plugin Quiz Cat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-24576

CVE-2025-24576 — WordPress Landing Page Cat plugin

WordPress Analytics Cat Plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Analytics Cat versions = 1.1.2...

CVE-2024-12072 Analytics Cat – Google Analytics Made Easy <= 1.1.2 - Reflected Cross-Site Scripting

The Analytics Cat – Google Analytics Made Easy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to inject...

CVE-2024-8740

The GetResponse Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.5.6. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress Forms for Mailchimp by Optin Cat plugin <= 2.5.7 - Authenticated (Editor+) Stored Cross-Site Scripting via Form Color Parameters vulnerability

Authenticated Editor+ Stored Cross-Site Scripting via Form Color Parameters vulnerability discovered by mike harris in WordPress Plugin Forms for Mailchimp by Optin Cat versions = 2.5.7...

PT-2024-38379 · WordPress · Forms For Mailchimp By Optin Cat

Name of the Vulnerable Software and Affected Versions: The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress versions up to, and including, 2.5.6 Description: The issue is related to Stored Cross-Site Scripting via the form color parameters due to insufficient input...

CVE-2024-8544

The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary...

CVE-2024-8544 Pixel Cat – Conversion Pixel Manager <= 3.0.5 - Reflected Cross-Site Scripting

The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary...