28 matches found
CVE-2026-32518
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imithemes Gaea gaea allows Reflected XSS.This issue affects Gaea: from n/a through 3.8...
EUVD-2026-15880
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imithemes Gaea gaea allows Reflected XSS.This issue affects Gaea: from n/a through 3.8...
CVE-2026-32518
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imithemes Gaea gaea allows Reflected XSS.This issue affects Gaea: from n/a through 3.8...
PT-2026-28032
Name of the Vulnerable Software and Affected Versions imithemes Gaea versions prior to 3.8 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting XSS issue. This allows for the execution of malicious...
EUVD-2025-14129
Malicious code in bioql PyPI...
EUVD-2025-24745
Malicious code in bioql PyPI...
EUVD-2025-15490
Malicious code in bioql PyPI...
CVE-2025-39483
Improper Control of Generation of Code 'Code Injection' vulnerability in imithemes Eventer eventer allows Code Injection.This issue affects Eventer: from n/a through 3.9.9.1...
CVE-2025-39483
Improper Control of Generation of Code 'Code Injection' vulnerability in imithemes Eventer eventer allows Code Injection.This issue affects Eventer: from n/a through 3.9.9.1...
CVE-2025-39483
Improper Control of Generation of Code 'Code Injection' vulnerability in imithemes Eventer allows Code Injection.This issue affects Eventer: from n/a before 3.9.9.1...
CVE-2025-39483
CVE-2025-39483 is an Unauthenticated Shortcode/Code Injection vulnerability in the imithemes Eventer WordPress plugin. Affected: Eventer before 3.9.9.1 (via versions up to 3.9.6 per sources). Impact: shortcodes could be abused to inject code. Remediation: update Eventer to version 3.9.9.1 or late...
CVE-2025-39483 WordPress Eventer plugin < 3.9.9.1 - Content Injection vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in imithemes Eventer eventer allows Code Injection.This issue affects Eventer: from n/a through 3.9.9.1...
PT-2025-33168 · WordPress · Imithemes Eventer
Name of the Vulnerable Software and Affected Versions: imithemes Eventer versions n/a through 3.9.6 Description: An improper control of generation of code 'Code Injection' issue exists in imithemes Eventer, allowing code injection. Recommendations: Update imithemes Eventer to a version later than...
CVE-2025-39481
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...
CVE-2025-39481
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer allows Blind SQL Injection.This issue affects Eventer: from n/a before 3.11.4...
CVE-2025-39482
Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4...
CVE-2025-39482
Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4...
CVE-2025-39482 WordPress Eventer plugin < 3.11.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through 3.11.4...
CVE-2025-39482
CVE-2025-39482 affects the WordPress plugin Eventer (IMITHEMEs) for WordPress. The issue is a Missing Authorization/broken access-control vulnerability, allowing unauthorized actions due to incorrectly configured access levels. Public details indicate affected versions include Eventer prior to 3....
PT-2025-21697
Name of the Vulnerable Software and Affected Versions: imithemes Eventer versions prior to 3.9.7 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions prior to 3.9.7,...