CVE-2026-2263

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hustlemoduleconverted' AJAX action in all versions up to, and including, 7.8.10.2. This makes it possible for...

CVE-2026-2263 Hustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data Manipulation

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hustlemoduleconverted' AJAX action in all versions up to, and including, 7.8.10.2. This makes it possible for...

CVE-2025-23789

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tahminajannat URL Shortener | Conversion Tracking | AB Testing | WooCommerce easy-broken-link-checker allows Reflected XSS.This issue affects URL Shortener | Conversion Tracking | AB Testing |...

CVE-2025-62118

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kcseopro AdWords Conversion Tracking Code adwords-conversion-tracking-code allows Stored XSS.This issue affects AdWords Conversion Tracking Code: from n/a through = 1.0...

CVE-2025-62118

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kcseopro AdWords Conversion Tracking Code adwords-conversion-tracking-code allows Stored XSS.This issue affects AdWords Conversion Tracking Code: from n/a through = 1.0...

EUVD-2025-205970

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kcseopro AdWords Conversion Tracking Code allows Stored XSS.This issue affects AdWords Conversion Tracking Code: from n/a through 1.0...

CVE-2025-62118 WordPress AdWords Conversion Tracking Code plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kcseopro AdWords Conversion Tracking Code adwords-conversion-tracking-code allows Stored XSS.This issue affects AdWords Conversion Tracking Code: from n/a through = 1.0...

PT-2025-54319

Name of the Vulnerable Software and Affected Versions kcseopro AdWords Conversion Tracking Code versions through 1.0 Description The kcseopro AdWords Conversion Tracking Code contains a flaw related to improper neutralization of input during web page generation, leading to a Stored Cross-Site...

EUVD-2025-6116

Malicious code in bioql PyPI...

EUVD-2024-22110

Malicious code in bioql PyPI...

EUVD-2023-56890

Malicious code in bioql PyPI...

EUVD-2025-3421

Malicious code in bioql PyPI...

CVE-2024-24711

Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11...

CVE-2025-1363

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is...

CVE-2025-1362

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting customers via CSRF attacks...

CVE-2025-1363

CVE-2025-1363 affects the WordPress plugin “URL Shortener | Conversion Tracking | AB Testing | WooCommerce” (versions up to 9.0.2). The vulnerability is a Stored Cross-Site Scripting (XSS) that occurs due to insufficient sanitisation/escaping of certain plugin settings, enabling a high-privilege ...

CVE-2024-13868

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13868

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-23789

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tahminajannat URL Shortener | Conversion Tracking | AB Testing | WooCommerce easy-broken-link-checker allows Reflected XSS.This issue affects URL Shortener | Conversion Tracking | AB Testing |...

CVE-2025-23789

CVE-2025-23789 – Reflected XSS in tahminajannat URL Shortener Root cause: Improper neutralization of input during web page generation in the WordPress URL Shortener (WooCommerce integration). This allows Reflected XSS, affecting WordPress plugins/ WooCommerce incorporation up to version 9.0.2 (pe...