106 matches found
GitLab 安全漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It features built-in version control, issue tracking, code review, and CI/CD continuous integration and delivery capabilities. There is a security vulnerability in GitLab, which stems from improper...
CVE-2025-13035
The Code Snippets plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.9.1. This is due to the plugin's use of extract on attacker-controlled shortcode attributes within the evaluateshortcodefromflatfile method, which can be used to overwrite the...
CVE-2025-13035
The Code Snippets plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.9.1. This is due to the plugin's use of extract on attacker-controlled shortcode attributes within the evaluateshortcodefromflatfile method, which can be used to overwrite the...
WordPress Insert PHP Code Snippet plugin missing authorization vulnerability
WordPress Insert PHP Code Snippet plugin is a tool for inserting custom PHP code into posts or pages in WordPress, supporting secure execution of code snippets and managing code blocks. A lack of authorization vulnerability exists in WordPress Insert PHP Code Snippet plugin, which can be exploite...
EUVD-2025-37337
Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through = 1.4.3...
CVE-2025-64356
Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through = 1.4.3...
CVE-2025-64356 WordPress Insert PHP Code Snippet plugin <= 1.4.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through = 1.4.3...
CVE-2025-64356 WordPress Insert PHP Code Snippet plugin <= 1.4.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in f1logic Insert PHP Code Snippet insert-php-code-snippet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Insert PHP Code Snippet: from n/a through = 1.4.3...
CVE-2025-64356
The CVE-2025-64356 case concerns the WordPress Insert PHP Code Snippet plugin (insert-php-code-snippet) with versions up to 1.4.3. The root cause is a missing/incorrect authorization (broken access control) vulnerability that could allow unauthorized access due to misconfigured access control sec...
WordPress plugin Insert PHP Code Snippet 安全漏洞
WordPress Insert PHP Code Snippet plugin is a tool for inserting custom PHP code into posts or pages in WordPress, supporting secure execution of code snippets and managing code blocks. A lack of authorization vulnerability exists in WordPress Insert PHP Code Snippet plugin, which can be exploite...
EUVD-2021-23972
Malware in sbrugna...
EUVD-2004-1740
Malware in sbrugna...
EUVD-2024-34339
Malicious code in bioql PyPI...
EUVD-2024-40167
Malicious code in bioql PyPI...
PT-2025-31160 · Npm · @Eslint/Plugin-Kit
Summary The ConfigCommentParserparseJSONLikeConfig API is vulnerable to a Regular Expression Denial of Service ReDoS attack in its only argument. Details The regular expression at packages/plugin-kit/src/config-comment-parser.js:158 is vulnerable to a quadratic runtime attack because the grouped...
GHSA-P53J-G8PW-4W5F
creationtimestamp| type| source ---|---|--- 2025-07-16 04:24:10+00:00| seen| https://gist.github.com/safer-bot/930216c8ddbe20a630c79f2785e35eec 2025-07-16 09:49:54+00:00| seen| https://gist.github.com/safer-bot/57636fb56c908ea716ca50f36824e43c 2025-07-16 16:29:07+00:00| seen|...
CVE-2024-0658
The Insert PHP Code Snippet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user's name when accessing the insert-php-code-snippet-manage page in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible f...
CVE-2024-43275
Cross-Site Request Forgery CSRF vulnerability in xyzscripts.Com Insert PHP Code Snippet.This issue affects Insert PHP Code Snippet: from n/a through 1.3.6...
CVE-2021-4418
The Custom CSS, JS & PHP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the save function. This makes it possible for unauthenticated attackers to save code snippets via a forged...
Malicious code in code-snippet-editor-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a18fa3d11188e4b7891ebae39b972feeef16bdfe9a92659b7efc450374065e0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...