17 matches found
EUVD-2024-44925
Malicious code in bioql PyPI...
EUVD-2025-28347
Malicious code in bioql PyPI...
EUVD-2025-11687
Malicious code in bioql PyPI...
CVE-2025-50009
Missing Authorization vulnerability in Climax Themes Kata Plus kata-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kata Plus: from n/a through = 1.5.3...
CVE-2025-50009
Missing Authorization vulnerability in Climax Themes Kata Plus kata-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kata Plus: from n/a through = 1.5.3...
CVE-2025-50009
CVE-2025-5009 (Kata Plus) : WordPress Kata Plus add-ons (1.5.3 and earlier) suffer a Missing Authorization/broken access control vulnerability. Root cause is incorrectly configured access control levels allowing unauthorized actions. Affected software: Kata Plus – Addons for Elementor – Widgets, ...
PT-2025-26366 · Climax Themes · Climax Themes Kata Plus
Name of the Vulnerable Software and Affected Versions: Climax Themes Kata Plus versions 1.5.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. Recommendations: For Climax Themes...
CVE-2024-50501
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Climax Themes Kata Plus kata-plus allows DOM-Based XSS.This issue affects Kata Plus: from n/a through = 1.4.7...
CVE-2025-32572
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus kata-plus allows Object Injection.This issue affects Kata Plus: from n/a through = 1.5.3...
CVE-2025-32572
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus kata-plus allows Object Injection.This issue affects Kata Plus: from n/a through = 1.5.3...
CVE-2025-32572 WordPress Kata Plus Plugin <= 1.5.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus kata-plus allows Object Injection.This issue affects Kata Plus: from n/a through = 1.5.3...
CVE-2025-32572
CVE-2025-32572 is a PHP object injection flaw caused by deserialization of untrusted data in the Kata Plus WordPress plugin family (Kata Plus – Addons for Elementor – Widgets, Extensions and Templates). Affected versions range up to 1.5.2 (with CVE entries tracking up to 1.5.3 per Patchstack/Word...
CVE-2025-32572 WordPress Kata Plus Plugin <= 1.5.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus allows Object Injection. This issue affects Kata Plus: from n/a through 1.5.2...
CVE-2024-50501
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Climax Themes Kata Plus kata-plus allows DOM-Based XSS.This issue affects Kata Plus: from n/a through = 1.4.7...
CVE-2024-50501 WordPress Kata Plus plugin <= 1.4.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Climax Themes Kata Plus kata-plus allows DOM-Based XSS.This issue affects Kata Plus: from n/a through = 1.4.7...
CVE-2024-50501
CVE-2024-50501 is a stored XSS in the Kata Plus WordPress plugin (Kata Plus:
CVE-2024-50501 WordPress Kata Plus plugin <= 1.4.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Climax Themes Kata Plus kata-plus allows DOM-Based XSS.This issue affects Kata Plus: from n/a through = 1.4.7...