WordPress plugin Google Drive 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

CVE-2025-12666

The Google Drive upload and download link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter of the 'atachfilegoogle' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-12666 Google Drive upload and download link <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Google Drive upload and download link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter of the 'atachfilegoogle' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-12666

CVE-2025-12666 in the WordPress plugin “Google Drive upload and download link” is a Stored Cross‑Site Scripting flaw via the 'link' parameter of the atachfilegoogle shortcode. Root cause: insufficient input sanitization and output escaping. Affected since versions up to and including 1.0. Impact:...

EUVD-2025-4775

Malicious code in bioql PyPI...

EUVD-2024-27050

Malicious code in bioql PyPI...

EUVD-2025-23610

Malicious code in bioql PyPI...

CVE-2025-7050

The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-7050 Use-your-Drive | Google Drive plugin for WordPress <= 3.3.1- Unauthenticated Stored Cross-Site Scripting via File Metadata

The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-7050 Use-your-Drive | Google Drive plugin for WordPress <= 3.3.1- Unauthenticated Stored Cross-Site Scripting via File Metadata

The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-7050

CVE-2025-7050 affects Use-your-Drive | Google Drive plugin for WordPress (versions

CVE-2025-27016

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in awsm.in Drivr Lite – Google Drive Plugin allows Stored XSS. This issue affects Drivr Lite – Google Drive Plugin: from n/a through 1.0.1...

CVE-2025-27016

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in awsm.in Drivr Lite – Google Drive Plugin allows Stored XSS. This issue affects Drivr Lite – Google Drive Plugin: from n/a through 1.0.1...

CVE-2025-27016

CVE-2025-27016 affects Drivr Lite – Google Drive Plugin (WordPress). The Wordfence, EUVD and CVE records note an Authenticated Stored Cross-Site Scripting vulnerability in Drivr Lite up to version 1.0.1, caused by improper neutralization of input during web page generation. Impact is stored XSS p...

CVE-2025-27016 WordPress Drivr Lite – Google Drive Plugin plugin <= 1.0.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in awsm.in Drivr Lite – Google Drive Plugin allows Stored XSS. This issue affects Drivr Lite – Google Drive Plugin: from n/a through 1.0.1...

WordPress Drivr Lite – Google Drive Plugin plugin <= 1.0.1 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Drivr Lite – Google Drive Plugin versions = 1.0.1...

CVE-2024-35670 WordPress Integrate Google Drive plugin <= 1.3.93 - Broken Access Control vulnerability

Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93...

WordPress Integrate Google Drive Plugin <= 1.3.8 is vulnerable to Broken Access Control

Software Integrate Google Drive Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.91 OWASP Top 10 A4: Insecure Design Classification Broken Access Control CVE CVE-2024-32949 Patch priority Medium CVSS severity Medium 8.3 Developer Claim ownership PSID ccf771b656bb Credits Steven Julian Require...

PT-2023-23625 · Softlab · Softlab Integrate Google Drive

Name of the Vulnerable Software and Affected Versions: SoftLab Integrate Google Drive versions n/a through 1.1.99 Description: The issue is related to a Missing Authorization vulnerability in SoftLab Integrate Google Drive, allowing exploitation of incorrectly configured access control security...