4 matches found
EUVD-2026-37033
The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2.0. This is due to the 'generatePluginHandler' function lacking any authorization check before processing user-supplied POST data, combined with the...
Malicious code in @common-stack/generate-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15f30b45b6ea31758071424512b5ad882005c2a2f55740597fb8122c59a448d1 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Server-side Request Forgery (SSRF)
Overview prompts.chat is a Developer toolkit for AI prompts - build, validate, parse, and connect to prompts.chat Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Wiro media-generate plugin. An attacker can access internal network resources and exfiltra...
WordPress Code Generate plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Code Generate versions = 1.0...