EUVD-2024-23041

Malicious code in bioql PyPI...

EUVD-2025-24998

Malicious code in bioql PyPI...

CVE-2025-7507

The elink – Embed Content plugin for WordPress is vulnerable to Malicious Redirect in all versions up to, and including, 1.1.0. This is due to the plugin not restricting URLS that can be supplied through the elink shortcode. This makes it possible for authenticated attackers, with Contributor-lev...

WordPress elink – Embed Content plugin <= 1.1.0 - Authenticated (Contributor+) Insufficient Input Validation vulnerability

Authenticated Contributor+ Insufficient Input Validation vulnerability discovered by Shreyas Malhotra shreyas-malhotra in WordPress Plugin elink Embed Content versions = 1.1.0...

CVE-2025-7507

The elink – Embed Content plugin for WordPress is vulnerable to Malicious Redirect in all versions up to, and including, 1.1.0. This is due to the plugin not restricting URLS that can be supplied through the elink shortcode. This makes it possible for authenticated attackers, with Contributor-lev...

CVE-2025-7507

CVE-2025-7507 concerns the WordPress plugin elink – Embed Content . Affected versions up to 1.1.0 are vulnerable to a malicious redirect due to insufficient input validation in the elink shortcode that allows unrestricted URLs. Exploitation requires an authenticated actor with at least Contributo...

CVE-2025-7507 elink – Embed Content <= 1.1.0 - Authenticated (Contributor+) Insufficient Input Validation

The elink – Embed Content plugin for WordPress is vulnerable to Malicious Redirect in all versions up to, and including, 1.1.0. This is due to the plugin not restricting URLS that can be supplied through the elink shortcode. This makes it possible for authenticated attackers, with Contributor-lev...

CVE-2025-7507 elink – Embed Content <= 1.1.0 - Authenticated (Contributor+) Insufficient Input Validation

The elink – Embed Content plugin for WordPress is vulnerable to Malicious Redirect in all versions up to, and including, 1.1.0. This is due to the plugin not restricting URLS that can be supplied through the elink shortcode. This makes it possible for authenticated attackers, with Contributor-lev...

WordPress plugin elink – Embed Content 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error...

PT-2025-33458 · WordPress · Elink – Embed Content

Name of the Vulnerable Software and Affected Versions: elink – Embed Content plugin for WordPress versions up to and including 1.1.0 Description: The elink – Embed Content plugin for WordPress is susceptible to malicious redirection due to insufficient restriction of URLs supplied through the eli...

CVE-2024-25731

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

CVE-2024-25731

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

Hardcoded credentials

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

Elink Smart eSmartCam Security Vulnerability

Elink Smart eSmartCam is a smart camera from Elink Smart. A security vulnerability exists in Elink Smart eSmartCam version 2.1.5, which stems from a vulnerability that allows an attacker to extract hard-coded AES encryption keys from a binary file...

CVE-2024-25731

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

CVE-2024-25731

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

CVE-2024-25731

The CVE-2024-25731 entry concerns the Android app Elink Smart eSmartCam (com.cn.dq.ipc) 2.1.5. The vulnerability is a hardcoded AES encryption key in the binary, enabling an attacker who observes traffic (e.g., over Wi‑Fi) to defeat encryption and potentially access protected data. Supported deta...

China Mobile An Lianbao WF-1 router 操作系统命令注入漏洞

China Mobile An Lianbao WF-1 router is a router from China Mobile China. China Mobile An Lianbao WF-1 router 1.0.1 suffers from an operating system command injection vulnerability, which originates in api/zrDm/setZRElink, that can be exploited by remote attackers to execute arbitrary commands via...