44 matches found
EUVD-2024-34205
Malicious code in bioql PyPI...
EUVD-2024-40800
Malicious code in bioql PyPI...
EUVD-2025-30531
Malicious code in bioql PyPI...
EUVD-2023-36546
Malicious code in bioql PyPI...
EUVD-2025-4049
Malicious code in bioql PyPI...
EUVD-2023-56092
Malicious code in bioql PyPI...
CVE-2025-58666
Missing Authorization vulnerability in Kommo Website Chat Button: Kommo integration website-chat-button-kommo-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Website Chat Button: Kommo integration: from n/a through = 1.3.1...
CVE-2025-58666
Missing Authorization vulnerability in Kommo Website Chat Button: Kommo integration website-chat-button-kommo-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Website Chat Button: Kommo integration: from n/a through = 1.3.1...
WordPress Website Chat Button: Kommo integration Plugin <= 1.3.1 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Peter Thaleikis in WordPress Plugin Website Chat Button: Kommo integration versions = 1.3.1...
CVE-2025-58666 WordPress Website Chat Button: Kommo integration Plugin <= 1.3.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Kommo Website Chat Button: Kommo integration website-chat-button-kommo-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Website Chat Button: Kommo integration: from n/a through = 1.3.1...
CVE-2025-58666 WordPress Website Chat Button: Kommo integration Plugin <= 1.3.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Kommo Website Chat Button: Kommo integration website-chat-button-kommo-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Website Chat Button: Kommo integration: from n/a through = 1.3.1...
WordPress plugin Website Chat Button Kommo integration security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
PT-2025-38955
Name of the Vulnerable Software and Affected Versions Kommo Website Chat Button versions through 1.3.1 Description An authorization issue exists in the Kommo Website Chat Button integration, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update...
CVE-2024-11813
The Pulsating Chat Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.1. This is due to missing or incorrect nonce validation on the aminchatbuttonsettingspage function. This makes it possible for unauthenticated attackers to update...
CVE-2023-32292
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GetButton Chat Button by GetButton.Io plugin = 1.8.9.4 versions...
CVE-2025-25138
Cross-Site Request Forgery CSRF vulnerability in Rishi On Page SEO + Whatsapp Chat Button ops-robots-txt allows Stored XSS.This issue affects On Page SEO + Whatsapp Chat Button: from n/a through = 2.0.0...
CVE-2025-25138 WordPress On Page SEO + Social Live Chat (Formerly OPS) plugin <= 2.0.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Rishi On Page SEO + Whatsapp Chat Button ops-robots-txt allows Stored XSS.This issue affects On Page SEO + Whatsapp Chat Button: from n/a through = 2.0.0...
CVE-2025-25138
CVE-2025-25138 is a CSRF to Stored XSS vulnerability in the WordPress On Page SEO + Social Live Chat (formerly OPS) plugin that affects versions up to 2.0.0. CVSS 3.1 base score 7.1 (HIGH) with network attack vector, requiring user interaction. Exploit status is not publicly detailed in the docum...
WordPress plugin On Page SEO + Whatsapp Chat Button 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
CVE-2024-13612
The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bettermessageslivechatbutton' shortcode in all versions up to, and including, 2.6.9 due to insufficient input...