CVE-2025-23457

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shipdeoplugin Shipdeo shipdeo-woo allows Reflected XSS.This issue affects Shipdeo: from n/a through = 1.2.8...

EUVD-2025-3193

Malicious code in bioql PyPI...

CVE-2025-23457

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shipdeoplugin Shipdeo shipdeo-woo allows Reflected XSS.This issue affects Shipdeo: from n/a through = 1.2.8...

CVE-2025-23457

CVE-2025-23457 is a Reflected XSS in the WordPress Shipdeo plugin (Shipdeo WooCommerce) affecting versions up to 1.2.8, caused by improper input neutralization during web page generation. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) yields a base score of 7.1 (High). Public records f...

CVE-2025-23457 WordPress Shipdeo plugin <= 1.2.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shipdeoplugin Shipdeo shipdeo-woo allows Reflected XSS.This issue affects Shipdeo: from n/a through = 1.2.8...

PT-2025-4890 · Unknown · Clodeo Shipdeo

Name of the Vulnerable Software and Affected Versions: Clodeo Shipdeo versions 1.2.8 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows Reflected XSS. This means an attacker can inject malicious scripts into a website,...