EUVD-2025-13768

Malicious code in bioql PyPI...

CVE-2025-47615

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in flowdee Amazon Product in a Post amazon-product-in-a-post-plugin allows Stored XSS.This issue affects Amazon Product in a Post: from n/a through = 5.2.2...

CVE-2025-47612

Missing Authorization vulnerability in flowdee ClickWhale allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ClickWhale: from n/a through 2.4.6...

CVE-2025-47615

CVE-2025-47615 is a Stored XSS in the WordPress plugin Amazon Product in a Post by flowdee, affecting versions n/a through 5.2.2. The issue stems from improper input neutralization during web page generation. Public sources (NVD/PATCHSTACK/Wordfence listing) indicate the vulnerability exists and ...

PT-2025-20181 · Flowdee · Flowdee Clickwhale

Name of the Vulnerable Software and Affected Versions: flowdee ClickWhale versions 2.4.6 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For flowdee ClickWhale...

PT-2025-20183 · Unknown · Flowdee Amazon Product In A Post

Name of the Vulnerable Software and Affected Versions: flowdee Amazon Product in a Post versions n/a through 5.2.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

CVE-2025-26963

Cross-Site Request Forgery CSRF vulnerability in flowdee ClickWhale allows Cross Site Request Forgery. This issue affects ClickWhale: from n/a through 2.4.3...