100 matches found
CVE-2026-3347
The Multi Functional Flexi Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the arvlbmessage parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This is due to the arvlboptionsval sanitize callback returning...
WordPress plugin Multi Functional Flexi Lightbox 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-1988
The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the flexipsgcarousel shortcode. This is due to the theme parameter being directly concatenated into a file path without proper sanitization ...
CVE-2026-1988
The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the flexipsgcarousel shortcode. This is due to the theme parameter being directly concatenated into a file path without proper sanitization ...
CVE-2026-1988 Flexi Product Slider and Grid for WooCommerce <= 1.0.5 - Authenticated (Contributor+) Local File Inclusion via 'theme' Shortcode Attribute
The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the flexipsgcarousel shortcode. This is due to the theme parameter being directly concatenated into a file path without proper sanitization ...
CVE-2026-1988 Flexi Product Slider and Grid for WooCommerce <= 1.0.5 - Authenticated (Contributor+) Local File Inclusion via 'theme' Shortcode Attribute
The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the flexipsgcarousel shortcode. This is due to the theme parameter being directly concatenated into a file path without proper sanitization ...
CVE-2026-1988
The WordPress plugin Flexi Product Slider and Grid for WooCommerce (versions ≤ 1.0.5) has an Authenticated (Contributor+) Local File Inclusion vulnerability exploitable via the 'theme' shortcode attribute. Root cause: Local File Inclusion in the shortcode handling. Impact: potential access to loc...
PT-2026-8087
The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the flexipsg carousel shortcode. This is due to the theme parameter being directly concatenated into a file path without proper sanitization...
WordPress plugin Flexi Product Slider and Grid for WooCommerce 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress Flexi Product Slider and Grid for WooCommerce plugin <= 1.0.5 - Authenticated (Contributor+) Local File Inclusion via 'theme' Shortcode Attribute vulnerability
Authenticated Contributor+ Local File Inclusion via 'theme' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Flexi Product Slider and Grid for WooCommerce versions = 1.0.5...
CVE-2025-9129
The Flexi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin for WordPress's flexi-form-tag shortcode in all versions up to, and including, 4.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Flexi plugin <= 4.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via flexi-form-tag Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via flexi-form-tag Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Flexi – Guest Submit versions = 4.28...
EUVD-2022-32080
Malicious code in bioql PyPI...
EUVD-2022-32084
Malicious code in bioql PyPI...
EUVD-2023-27551
Malicious code in bioql PyPI...
EUVD-2022-34597
Malicious code in bioql PyPI...
EUVD-2025-10753
Malicious code in bioql PyPI...
EUVD-2025-32251
Malicious code in bioql PyPI...
EUVD-2022-15588
Malicious code in bioql PyPI...
EUVD-2023-27544
Malicious code in bioql PyPI...