WordPress wpForo Forum < 1.9.7 - Open Redirect

WordPress wpForo Forum 1.9.7 is susceptible to an open redirect vulnerability because the plugin did not validate the redirectto parameter in the login form of the forum, leading to an open redirect issue after a successful login. id: CVE-2021-24406 info: name: WordPress wpForo Forum 1.9.7 - Open...

WordPress wpDiscuz <=7.0.4 - Remote Code Execution

WordPress wpDiscuz plugin versions version 7.0 through 7.0.4 are susceptible to remote code execution. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site's server. id: CVE-2020-24186 info: nam...

WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting

WordPress wpForo Forum plugin before 1.4.12 for WordPress allows unauthenticated reflected cross-site scripting via the URI. id: CVE-2018-11709 info: name: WordPress wpForo Forum = 1.4.11 - Cross-Site Scripting author: daffainfo,s4e-io severity: medium description: WordPress wpForo Forum plugin...

CVE-2023-49759

Cross-Site Request Forgery CSRF vulnerability in gVectors Team WooDiscuz – WooCommerce Comments.This issue affects WooDiscuz – WooCommerce Comments: from n/a through 2.3.0...

CVE-2020-24186

A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action...

EUVD-2023-56391

Malicious code in bioql PyPI...

EUVD-2023-50532

Malicious code in bioql PyPI...

EUVD-2023-37386

Malicious code in bioql PyPI...

EUVD-2023-53682

Malicious code in bioql PyPI...

EUVD-2024-35440

Malicious code in bioql PyPI...

EUVD-2023-51873

Malicious code in bioql PyPI...

EUVD-2023-37383

Malicious code in bioql PyPI...

EUVD-2024-40181

Malicious code in bioql PyPI...

EUVD-2023-50049

Malicious code in bioql PyPI...

EUVD-2023-50530

Malicious code in bioql PyPI...

EUVD-2023-51318

Malicious code in bioql PyPI...

CVE-2024-35681

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18...

CVE-2023-47775

Cross-Site Request Forgery CSRF vulnerability in gVectors Team Comments — wpDiscuz plugin = 7.6.11 versions...

CVE-2023-47185

Unauth. Stored Cross-Site Scripting XSS vulnerability in gVectors Team Comments — wpDiscuz plugin = 7.6.11 versions...

CVE-2023-51691

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gVectors Team Comments – wpDiscuz allows Stored XSS.This issue affects Comments – wpDiscuz: from n/a through 7.6.12...