15 matches found
CVE-2026-57346
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...
EUVD-2026-40060
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...
EUVD-2023-56394
Malicious code in bioql PyPI...
EUVD-2025-24701
Malicious code in bioql PyPI...
CVE-2025-54693
Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block form-block allows Upload a Web Shell to a Web Server.This issue affects Form Block: from n/a through = 1.5.5...
CVE-2025-54693
Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block form-block allows Upload a Web Shell to a Web Server.This issue affects Form Block: from n/a through = 1.5.5...
CVE-2025-54693
CVE-2025-54693 describes an Unrestricted Upload of File with Dangerous Type vulnerability in WordPress Form Block Plugin 1.5.5). CVSSv3 data cited in the initial record indicates a Critical impact (9.0 base score) with network attack vector, high complexity, no privileges required, and CHANGED sc...
PT-2025-33245
Name of the Vulnerable Software and Affected Versions: epiphyt Form Block versions n/a through 1.5.5 Description: An unrestricted file upload issue exists in epiphyt Form Block, allowing the upload of a web shell to a web server. This enables malicious actors to potentially gain control of the...
CVE-2023-51694
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0...
CVE-2023-51694
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0...
CVE-2023-51694
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Epiphyt Embed Privacy allows Stored XSS.This issue affects Embed Privacy: from n/a through 1.8.0...
CVE-2023-51694
The CVE-2023-51694 issue concerns the WordPress Embed Privacy plugin. Affected component: the Embed Privacy plugin for WordPress (versions 1.8.0 and earlier). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Impact: stored cross-site scripting vulnerab...
PT-2024-14249 · Unknown · Epiphyt Embed Privacy
Name of the Vulnerable Software and Affected Versions: Epiphyt Embed Privacy versions 1.8.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker can...
WordPress Form Block Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Form Block Type Plugin Vulnerable versions = 1.0.1 Fixed in 1.0.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Epiphyt PSID a266390253a1 Credits Daniel Ruf Required privilege Unauthenticat...