Lucene search
K

508 matches found

CNNVD
CNNVD
added 2025/09/09 12:0 a.m.3 views

WordPress plugin WP eBay Product Feeds 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

4.9CVSS6.8AI score0.00138EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.4 views

PT-2025-36798

Name of the Vulnerable Software and Affected Versions: Rhys Wynne WP eBay Product Feeds versions through 3.4.8 Description: A Server-Side Request Forgery SSRF vulnerability exists in Rhys Wynne WP eBay Product Feeds, allowing Server Side Request Forgery. Recommendations: Update Rhys Wynne WP eBay...

4.9CVSS6.5AI score0.00138EPSS
Exploits0References3
OSV
OSV
added 2025/09/02 4:15 p.m.6 views

CVE-2025-54599

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows account takeover, if SSO is used, when a victim changes the email address that they have configured. To exploit this, an attacker would create their own account and perform an SSO login. The roo...

7.5CVSS5.8AI score0.00388EPSS
Exploits1References3
OSV
OSV
added 2025/08/27 4:15 p.m.4 views

CVE-2025-54598

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI...

6.5CVSS5.8AI score0.00181EPSS
Exploits1References3
NVD
NVD
added 2025/08/27 4:15 p.m.3 views

CVE-2025-54598

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI...

6.5CVSS0.00181EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/08/27 12:0 a.m.9 views

CVE-2025-54598

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI...

0.00181EPSS
Exploits1References3
CVE
CVE
added 2025/08/27 12:0 a.m.15 views

CVE-2025-54598

Bevy Event service (as used for eBay Seller Events) up to 2025-07-22 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that enables an attacker to delete all notifications via the /notifications/delete/ endpoint. Root cause is CSRF on the notification-deletion path; impact is parti...

6.5CVSS6.7AI score0.00181EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-37408 Malicious code in types-ebay (npm)

The package types-ebay was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in ebay-items-react-widget-server (npm)

The package ebay-items-react-widget-server was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-19103 Malicious code in ebay-items-react-widget-server (npm)

The package ebay-items-react-widget-server was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in types-ebay (npm)

The package types-ebay was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/01 2:35 p.m.3 views

Malicious code in ebay.cookies (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d701de3172111f68c8aba0b6454237339584c4d994c232f906f4a088b0e874a3 Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/07/01 2:35 p.m.4 views

MAL-2025-5397 Malicious code in ebay.cookies (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d701de3172111f68c8aba0b6454237339584c4d994c232f906f4a088b0e874a3 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
Patchstack
Patchstack
added 2025/05/27 5:15 a.m.5 views

WordPress WP-Lister Lite for eBay plugin <= 3.8.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Tran Tuan Dung domiee13 in WordPress Plugin WP-Lister Lite for eBay versions = 3.8.3...

4.3CVSS7AI score0.00215EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 8:35 a.m.6 views

CVE-2024-32573

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay.This issue affects WP-Lister Lite for eBay: from n/a through = 3.5.11...

5.9CVSS5.9AI score0.00342EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:41 a.m.5 views

CVE-2023-23722

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Winwar Media WP eBay Product Feeds plugin = 3.3.1 versions...

5.9CVSS5.2AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:57 p.m.6 views

CVE-2009-2424

Cross-site scripting XSS vulnerability in search.php in Ebay Clone 2009 allows remote attackers to inject arbitrary web script or HTML via the mode parameter...

4.3CVSS5.9AI score0.01243EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:35 p.m.3 views

CVE-2009-2423

SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cateid parameter in a list action...

7.5CVSS8.8AI score0.01082EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/05 3:29 p.m.6 views

Malicious code in @ebay-business-components/marko-rum (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score
Exploits0
OSV
OSV
added 2025/05/05 3:29 p.m.4 views

MAL-2025-3661 Malicious code in @ebay-business-components/marko-rum (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
Rows per page
Query Builder