508 matches found
WordPress plugin WP eBay Product Feeds 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
PT-2025-36798
Name of the Vulnerable Software and Affected Versions: Rhys Wynne WP eBay Product Feeds versions through 3.4.8 Description: A Server-Side Request Forgery SSRF vulnerability exists in Rhys Wynne WP eBay Product Feeds, allowing Server Side Request Forgery. Recommendations: Update Rhys Wynne WP eBay...
CVE-2025-54599
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows account takeover, if SSO is used, when a victim changes the email address that they have configured. To exploit this, an attacker would create their own account and perform an SSO login. The roo...
CVE-2025-54598
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI...
CVE-2025-54598
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI...
CVE-2025-54598
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI...
CVE-2025-54598
Bevy Event service (as used for eBay Seller Events) up to 2025-07-22 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that enables an attacker to delete all notifications via the /notifications/delete/ endpoint. Root cause is CSRF on the notification-deletion path; impact is parti...
MAL-2025-37408 Malicious code in types-ebay (npm)
The package types-ebay was found to contain malicious code...
Malicious code in ebay-items-react-widget-server (npm)
The package ebay-items-react-widget-server was found to contain malicious code...
MAL-2025-19103 Malicious code in ebay-items-react-widget-server (npm)
The package ebay-items-react-widget-server was found to contain malicious code...
Malicious code in types-ebay (npm)
The package types-ebay was found to contain malicious code...
Malicious code in ebay.cookies (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d701de3172111f68c8aba0b6454237339584c4d994c232f906f4a088b0e874a3 Any computer that has this package installed or running should be considered...
MAL-2025-5397 Malicious code in ebay.cookies (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d701de3172111f68c8aba0b6454237339584c4d994c232f906f4a088b0e874a3 Any computer that has this package installed or running should be considered...
WordPress WP-Lister Lite for eBay plugin <= 3.8.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nguyen Tran Tuan Dung domiee13 in WordPress Plugin WP-Lister Lite for eBay versions = 3.8.3...
CVE-2024-32573
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay.This issue affects WP-Lister Lite for eBay: from n/a through = 3.5.11...
CVE-2023-23722
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Winwar Media WP eBay Product Feeds plugin = 3.3.1 versions...
CVE-2009-2424
Cross-site scripting XSS vulnerability in search.php in Ebay Clone 2009 allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
CVE-2009-2423
SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cateid parameter in a list action...
Malicious code in @ebay-business-components/marko-rum (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-3661 Malicious code in @ebay-business-components/marko-rum (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...