WordPress Simple User Import Export plugin <= 1.1.7 - Authenticated (Admin+) CSV Injection vulnerability

Authenticated Admin+ CSV Injection vulnerability discovered by Ivan Cese in WordPress Plugin Simple User Import Export versions = 1.1.7...

EUVD-2025-176269

Malicious code in spectron-csv-dynamo-bunyan npm...

Malicious code in csv-puppeteer-phoenix-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 374bf3eeca6aa7f97f05cedd4268ceca21f16e8c36c450cb4fa2c17ac2ffd1ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178749

Malicious code in gemini-csv-cryonics-castor npm...

EUVD-2025-178626

Malicious code in gulp-rollup-plugin-carina-csv npm...

EUVD-2025-179454

Malicious code in csv-dysonswarm-aether-optimize-css-assets-webpack-plugin npm...

EUVD-2025-175861

Malicious code in typeorm-csv-troposphere-socketio npm...

Malicious code in csv-helmet-dione-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13660b1e5cd8242126ed9b1d8d9e9fd3a9430c6c23281cb67541a8d90eb0873 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in typeorm-csv-troposphere-socketio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e73547aa88679589280af7f97832cc643441c415a7b0c69aa00448db76023b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176074

Malicious code in tachyon-vortex-bellatrix-csv npm...

EUVD-2025-175675

Malicious code in vuetify-thermochronology-csv-cryovolcano npm...

EUVD-2025-175558

Malicious code in whitedwarf-inquirer-csv-blitz npm...

EUVD-2025-176557

Malicious code in sagitta-protractor-taurus-csv npm...

EUVD-2025-177899

Malicious code in mensa-subscription-antares-csv npm...

EUVD-2025-178169

Malicious code in kuiperbelt-taurus-csv-ceres npm...

EUVD-2025-179449

Malicious code in csv-puppeteer-phoenix-event npm...

EUVD-2025-179448

Malicious code in csv-steganography-sadr-buffer npm...

Malicious code in csv-mongodb-rehype-less-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07f821738c4cf7c99d8107896b24f9a81bd00506c105a6aca07ef8a729d5d444 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179453

Malicious code in csv-envconfig-achernar-stratigraphy npm...

Malicious code in csv-steganography-sadr-buffer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 576c9c5300d33eedfca84952fa6d232cca75ad84dbeb63ccde6da8ff03408c5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...