EUVD-2025-114763

Malicious code in csv-luna-loglevel-buffer npm...

EUVD-2025-113352

Malicious code in gacrux-csv-capella-pulsar npm...

EUVD-2025-114762

Malicious code in csv-markdownlint-npm-grus npm...

EUVD-2025-114755

Malicious code in csv-pulsar-hexo-bunyan npm...

EUVD-2025-114748

Malicious code in csv-ultra-wezen-astro npm...

EUVD-2025-113895

Malicious code in eslint-csv-galaxy-protractor npm...

EUVD-2025-115167

Malicious code in commitizen-spawn-csv-auriga npm...

EUVD-2025-111507

Malicious code in lyra-grus-csv-dotenv-parse-variables npm...

EUVD-2025-111211

Malicious code in meteor-config-csv-yakutsk npm...

EUVD-2025-115722

Malicious code in capella-css-minimizer-webpack-plugin-csv-meteor npm...

EUVD-2025-116938

Malicious code in acamar-arcturus-procyon-csv npm...

EUVD-2025-121305

Malicious code in tethys-mira-csv-impulse npm...

EUVD-2025-114758

Malicious code in csv-nova-eridanus-neptune npm...

EUVD-2025-113178

Malicious code in global-fomalhaut-protractor-csv npm...

MAL-2025-142584 Malicious code in fork-csv-standard-async (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 207804b34c80b70376e5579f1c9e4b7c425db63c480b78e030d71008f1416272 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145533 Malicious code in node-sass-csv-nconf-algol (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 523cf84acb42076535525f5ee44480f13fc5d4564b1c0479f949ce1be4936ca4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142788 Malicious code in galaxy-csv-middleware-levels (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 265a90c0ed8d48568ce28902e224b77e7b8d7911333c8d1ab524cabdb671285f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

WordPress plugin WP Import – Ultimate CSV XML Importer for WordPress 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin WP...

CVE-2025-12042

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...

EUVD-2025-38359

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...