508 matches found
CVE-2026-27203
eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...
eBay API MCP Server 注入漏洞
The eBay API MCP Server is a context-based protocol server developed by YosefHayim as an individual developer. The eBay API MCP Server has a vulnerability related to environment variable injection in the updateEnvFile function. This vulnerability may lead to configuration overrides, denial of...
CVE-2026-27203 eBay API MCP Server Affected by Environment Variable Injection
eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...
CVE-2026-27203
The CVE-2026-27203 entry affects ebay-mcp (eBay API MCP Server), where the updateEnvFile function in src/auth/oauth.ts blindly appends or replaces values, enabling CRLF/environment variable injection via the ebay_set_user_tokens tool. This can inject arbitrary environment variables into the .env ...
CVE-2026-27203 eBay API MCP Server Affected by Environment Variable Injection
eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...
CVE-2026-27203 eBay API MCP Server Affected by Environment Variable Injection
eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebaysetusertokens tool allows updating the .env file with new tokens...
CVE-2026-25384
Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through = 3.8.5...
CVE-2026-25384
Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through = 3.8.5...
WordPress WP-Lister Lite for eBay plugin <= 3.8.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin WP-Lister Lite for eBay versions = 3.8.5...
CVE-2026-25384
CVE-2026-25384 affects WP-Lister Lite for eBay, plugin versions
CVE-2026-25384
Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through = 3.8.5...
CVE-2026-25384 WordPress WP-Lister Lite for eBay plugin <= 3.8.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through = 3.8.5...
CVE-2026-25384 WordPress WP-Lister Lite for eBay plugin <= 3.8.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through = 3.8.5...
WordPress plugin WP-Lister Lite for eBay 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
PT-2026-20718
Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through = 3.8.5...
PT-2026-21328
Name of the Vulnerable Software and Affected Versions eBay API MCP Server affected versions not specified Description The eBay API MCP Server, an open source local MCP server providing AI assistants with access to eBay's Sell APIs, is susceptible to Environment Variable Injection through the...
WordPress WP eBay Product Feeds plugin <= 3.4.9 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Tarcísio LuchesiPoystick in WordPress Plugin WP eBay Product Feeds versions = 3.4.9...
CVE-2025-67557
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhys Wynne WP eBay Product Feeds ebay-feeds-for-wordpress allows Stored XSS.This issue affects WP eBay Product Feeds: from n/a through = 3.4.9...
CVE-2025-67557
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhys Wynne WP eBay Product Feeds ebay-feeds-for-wordpress allows Stored XSS.This issue affects WP eBay Product Feeds: from n/a through = 3.4.9...
CVE-2025-67557 WordPress WP eBay Product Feeds plugin <= 3.4.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhys Wynne WP eBay Product Feeds ebay-feeds-for-wordpress allows Stored XSS.This issue affects WP eBay Product Feeds: from n/a through = 3.4.9...