EUVD-2024-36835

Malicious code in bioql PyPI...

EUVD-2023-27981

Malicious code in bioql PyPI...

CVE-2023-23898

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in CreativeThemes Blocksy Companion plugin = 1.8.67 versions...

CVE-2025-47465

Missing Authorization vulnerability in creativethemeshq Blocksy blocksy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Blocksy: from n/a through = 2.0.97...

CVE-2024-37469

CVE-2024-37469 is a CSRF vulnerability in the WordPress Blocksy theme (vulnerable up to 2.0.22). The root cause is a CSRF oversight in Blocksy that allows unauthorized actions to be performed remotely. Affected versions include 2.0.22 and earlier; the issue is fixed in 2.0.23. Public sources char...

CVE-2024-35633 WordPress Blocksy Companion plugin <= 2.0.42 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Creative Themes Blocksy Companion blocksy-companion.This issue affects Blocksy Companion: from n/a through = 2.0.42...

CVE-2024-31932

Cross-Site Request Forgery CSRF vulnerability in CreativeThemes Blocksy Companion.This issue affects Blocksy Companion: from n/a through 2.0.28...

CVE-2023-23898

CVE-2023-23898 is a stored XSS in the CreativeThemes Blocksy Companion WordPress plugin up to version 1.8.67. The root cause is improper escaping/validation of the class attribute in the blocksy_posts shortcode output, exploitable by users with Contributor+ permissions. Impact is stored XSS; CVSS...