61 matches found
Wordpress Profile Builder Plugin Cross-Site Scripting
The Profile Builder User Profile & User Registration Forms WordPress plugin is vulnerable to cross-site scripting due to insufficient escaping and sanitization of the siteurl parameter found in the /assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto a...
CVE-2025-68514
Authorization Bypass Through User-Controlled Key vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Paid Member Subscriptions: from n/a through = 2.16.8...
PT-2026-21088
Name of the Vulnerable Software and Affected Versions Cozmoslabs Paid Member Subscriptions versions n/a through 2.16.8 Description An authorization bypass exists due to incorrectly configured access control security levels in Cozmoslabs Paid Member Subscriptions. The issue allows exploitation...
CVE-2025-66074
Unrestricted Upload of File with Dangerous Type vulnerability in Cozmoslabs WP Webhooks wp-webhooks allows Path Traversal.This issue affects WP Webhooks: from n/a through = 3.3.8...
CVE-2025-66074
Unrestricted Upload of File with Dangerous Type vulnerability in Cozmoslabs WP Webhooks wp-webhooks allows Path Traversal.This issue affects WP Webhooks: from n/a through = 3.3.8...
CVE-2025-66073
Deserialization of Untrusted Data vulnerability in Cozmoslabs WP Webhooks wp-webhooks allows Object Injection.This issue affects WP Webhooks: from n/a through = 3.3.8...
CVE-2025-58592
Deserialization of Untrusted Data vulnerability in Cozmoslabs TranslatePress translatepress-multilingual allows Object Injection.This issue affects TranslatePress: from n/a through = 2.10.2...
EUVD-2024-30515
Malicious code in bioql PyPI...
EUVD-2024-19737
Malicious code in bioql PyPI...
EUVD-2023-29855
Malicious code in bioql PyPI...
EUVD-2025-26566
Malicious code in bioql PyPI...
EUVD-2025-28546
Malicious code in bioql PyPI...
EUVD-2025-19991
Malicious code in bioql PyPI...
EUVD-2024-29237
Malicious code in bioql PyPI...
PT-2025-35734
Name of the Vulnerable Software and Affected Versions: Cozmoslabs Paid Member Subscriptions versions through 2.15.9 Description: The software contains a missing authorization flaw due to incorrectly configured access control security levels. Recommendations: Update to a version later than 2.15.9...
CVE-2025-54017 WordPress Paid Member Subscriptions <= 2.15.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows PHP Local File Inclusion.This issue affects Paid Member Subscriptions: from n/a through = 2.15.4...
PT-2025-34001 · Unknown · Cozmoslabs Paid Member Subscriptions
Name of the Vulnerable Software and Affected Versions: Cozmoslabs Paid Member Subscriptions versions through 2.15.4 Description: The software contains an improper control of filename for include/require statements, leading to a PHP local file inclusion issue. Recommendations: Update Cozmoslabs Pa...
CVE-2025-49870
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows SQL Injection.This issue affects Paid Member Subscriptions: from n/a through = 2.15.1...
CVE-2025-49870
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows SQL Injection.This issue affects Paid Member Subscriptions: from n/a through = 2.15.1...
CVE-2025-49870 WordPress Paid Member Subscriptions plugin <= 2.15.1 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows SQL Injection.This issue affects Paid Member Subscriptions: from n/a through = 2.15.1...