EUVD-2025-21620

Malicious code in bioql PyPI...

CVE-2025-47645

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes elex-bulk-edit-products-prices-attributes-for-woocommerce-basic allows SQL Injection.This issue affects ELEX WooCommer...

CVE-2025-47658 WordPress ELEX HelpDesk & Customer Ticketing System plugin <= 3.2.9 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Upload a Web Shell to a Web Server.This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a...

CVE-2025-47643

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ELEXtensions ELEX Product Feed for WooCommerce allows SQL Injection. This issue affects ELEX Product Feed for WooCommerce: from n/a through 3.1.2...

CVE-2025-47643

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ELEXtensions ELEX Product Feed for WooCommerce allows SQL Injection. This issue affects ELEX Product Feed for WooCommerce: from n/a through 3.1.2...

CVE-2025-47643

CVE-2025-47643 concerns ELEX Product Feed for WooCommerce (WordPress plugin). Affected versions are 3.1.2 and earlier, with the root cause described as improper neutralization of special elements in SQL commands, i.e., SQL Injection. The CVE is associated with multiple sources (NVD/Red Hat/CVE li...

CVE-2024-31364

CVE-2024-31364 is a CSRF vulnerability in the ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts plugin, affecting versions up to 2.1.2. The connected sources (Red Hat advisory and ENISA EUVD) confirm the CVE name and CSRF nature but do not provide exploitation details or patch/mitigatio...

CVE-2024-32105

Cross-Site Request Forgery CSRF vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

CVE-2024-32105 WordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

CVE-2024-32105

CVE-2024-32105 is a CSRF vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts, affecting versions from n/a up to 2.1.2. The issue has been observed in public disclosures and Red Hat/Wordfence references; mitigations require upgrading to a patched version where available. T...

CVE-2024-31255

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts allows Reflected XSS.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

CVE-2024-31255

CVE-2024-31255 affects the ELEX WooCommerce Dynamic Pricing and Discounts WordPress plugin. The connected data confirms a Reflected XSS due to Improper Neutralization of Input During Web Page Generation, impacting versions up to 2.1.2 (n/a–2.1.2). The CVE entry provides a CVSS score of 7.1 (HIGH,...