17 matches found
EUVD-2025-17117
Malicious code in bioql PyPI...
CVE-2025-49073
Deserialization of Untrusted Data vulnerability in axiomthemes Sweet Dessert sweet-dessert allows Object Injection.This issue affects Sweet Dessert: from n/a through 1.1.13...
CVE-2025-49073
Deserialization of Untrusted Data vulnerability in axiomthemes Sweet Dessert sweet-dessert allows Object Injection.This issue affects Sweet Dessert: from n/a through 1.1.13...
CVE-2025-49073
Deserialization of Untrusted Data vulnerability in Axiomthemes Sweet Dessert allows Object Injection.This issue affects Sweet Dessert: from n/a before 1.1.13...
CVE-2025-49073 WordPress Sweet Dessert < 1.1.13 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in axiomthemes Sweet Dessert sweet-dessert allows Object Injection.This issue affects Sweet Dessert: from n/a through 1.1.13...
CVE-2025-49073
CVE-2025-49073 concerns the WordPress theme Sweet Dessert. It describes a Deserialization of Untrusted Data (PHP object injection) vulnerability affecting Sweet Dessert versions before 1.1.13. The issue’s root cause is deserialization of untrusted data, enabling object injection. Severity is repo...
CVE-2025-49073 WordPress Sweet Dessert < 1.1.13 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in axiomthemes Sweet Dessert sweet-dessert allows Object Injection.This issue affects Sweet Dessert: from n/a through 1.1.13...
WordPress plugin Sweet Dessert 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
PT-2025-24099
Name of the Vulnerable Software and Affected Versions Axiomthemes Sweet Dessert versions prior to 1.1.13 Description The issue is related to Deserialization of Untrusted Data, which allows Object Injection. This can potentially lead to security breaches. Recommendations For versions prior to...
WordPress Sweet Dessert < 1.1.13 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Sweet Dessert versions 1.1.13...
WordPress Sweet Dessert Theme < 1.1.13 is vulnerable to PHP Object Injection
Software Sweet Dessert Type Theme Vulnerable versions 1.1.13 Fixed in 1.1.13 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-49073 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 3fb9eef0dd59 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...
spatz-dessert.ch Cross Site Scripting vulnerability OBB-3501688
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dessert-island.net Cross Site Scripting vulnerability OBB-3192640
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Zomato: [www.zomato.com] Getting a complimentary dessert [Zomato Treats] on ordering a Meal at no cost
Go to order food tab and select any restaurant that delivers online. 2. Add Zomato Treat Subscription to cart. 3. Add more items to cart to fulfil the minimum order requirement for that restaurant. 4. Click on Continue and proceed to pay online. 5. While paying online I faced the issue that...
Ice Cream Factory – Dessert - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Ice Cream Factory – Dessert published at the 'play' market has multiple vulnerabilities...
Dessert Style Weather Widget - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Dessert Style Weather Widget published at the 'play' market has multiple vulnerabilities...
Dessert recipes - Base64 encoded String, Exported ContentProvider, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application Dessert recipes published at the 'play' market has multiple vulnerabilities...