31 matches found
EUVD-2021-2237
Malware in sbrugna...
EUVD-2008-5255
Malware in sbrugna...
EUVD-2024-0794
Malicious code in bioql PyPI...
EUVD-2025-7830
Malicious code in bioql PyPI...
EUVD-2023-0351
Malicious code in bioql PyPI...
EUVD-2022-6087
Malicious code in bioql PyPI...
CVE-2025-49312 WordPress Echo RSS Feed Post Generator Plugin for WordPress plugin <= 5.4.8.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeRevolution Echo RSS Feed Post Generator Plugin for WordPress rss-feed-post-generator-echo allows Reflected XSS.This issue affects Echo RSS Feed Post Generator Plugin for WordPress: from n/a...
WordPress plugin Echo RSS Feed Post Generator Plugin Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-27927
RSSHub is an open source RSS feed generator. Prior to version 1.0.0-master.a429472, RSSHub allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Service DoS attacks. The attacker ca...
CVE-2023-26491
RSSHub is an open source and extensible RSS feed generator. When the URL parameters contain certain special characters, it returns an error page that does not properly handle XSS vulnerabilities, allowing for the execution of arbitrary JavaScript code. Users who access the deliberately constructe...
WordPress Google News Editors Picks Feed Generator plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2025-28860
Cross-Site Request Forgery CSRF vulnerability in PPDPurveyor Google News Editors Picks Feed Generator google-news-editors-picks-news-feeds allows Stored XSS.This issue affects Google News Editors Picks Feed Generator: from n/a through = 2.1...
WordPress Google News Editors Picks Feed Generator plugin <= 2.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Google News Editors Picks Feed Generator versions = 2.1...
CVE-2025-28860
Cross-Site Request Forgery CSRF vulnerability in PPDPurveyor Google News Editors Picks Feed Generator allows Stored XSS. This issue affects Google News Editors Picks Feed Generator: from n/a through 2.1...
CVE-2025-28860
CVE-2025-28860 – Google News Editors Picks Feed Generator is a CSRF-to-Stored XSS vulnerability affecting the WordPress plugin Google News Editors Picks Feed Generator (versions up to 2.1). The issue arises from insufficient validation of requests, enabling a CSRF attacker to trigger stored XSS w...
CVE-2025-28860 WordPress Google News Editors Picks Feed Generator plugin <= 2.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in PPDPurveyor Google News Editors Picks Feed Generator google-news-editors-picks-news-feeds allows Stored XSS.This issue affects Google News Editors Picks Feed Generator: from n/a through = 2.1...
CVE-2025-28860 WordPress Google News Editors Picks Feed Generator plugin <= 2.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in PPDPurveyor Google News Editors Picks Feed Generator google-news-editors-picks-news-feeds allows Stored XSS.This issue affects Google News Editors Picks Feed Generator: from n/a through = 2.1...
WordPress plugin Google News Editors Picks Feed Generator 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
RSSHub 安全漏洞
RSSHub is an RSS feed generator written in Node.js, distributed under the MIT license and maintained by DIYgod and other GitHub users. A security vulnerability exists in RSSHub versions 1.0.0-master.cbbd829 through prior to 1.0.0-master.d8ca915, which stems from the presence of a cross-site...
CVE-2024-27926
RSSHub (Node.js) is affected by a Cross-site Scripting (XSS) vulnerability in the internal media proxy. A crafted image sent to the proxy from versions 1.0.0-master.cbbd829 up to, but not including, 1.0.0-master.d8ca915, can bypass sanitization and allow execution of arbitrary JavaScript code whe...