EUVD-2025-27397

Malicious code in bioql PyPI...

CVE-2025-58983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stefano Lissa Include Me include-me allows Stored XSS.This issue affects Include Me: from n/a through = 1.3.2...

CVE-2025-58983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stefano Lissa Include Me include-me allows Stored XSS.This issue affects Include Me: from n/a through = 1.3.2...

WordPress Include Me Plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Jihwan Moon in WordPress Plugin Include Me versions = 1.3.2...

CVE-2025-58983

CVE-2025-58983 concerns the WordPress plugin Include Me (versions up to and including 1.3.2) with a Stored XSS vulnerability caused by improper input neutralization during web page generation. The issue affects Include Me and has been patched in version 1.3.2; mitigation is to update to a version...

CVE-2025-58983 WordPress Include Me Plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stefano Lissa Include Me allows Stored XSS. This issue affects Include Me: from n/a through 1.3.2...

CVE-2025-58983 WordPress Include Me Plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stefano Lissa Include Me include-me allows Stored XSS.This issue affects Include Me: from n/a through = 1.3.2...

PT-2025-36804

Name of the Vulnerable Software and Affected Versions: Include Me versions through 1.3.2 Description: The software contains a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks. Recommendations: Update Include Me t...

WordPress plugin Include Me 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

CVE-2021-24453

The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution RCE of the system due to log poisoning and therefore potentially a full compromise of the underlying structure...

Path traversal

The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution RCE of the system due to log poisoning and therefore potentially a full compromise of the underlying structure...

CVE-2021-24453 Include Me <= 1.2.1 - Authenticated Remote Code Execution (RCE) via LFI log poisoning

The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution RCE of the system due to log poisoning and therefore potentially a full compromise of the underlying structure...

WordPress 路径遍历漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A path traversal vulnerability exists in the WordPress plugin Include Me, which stems from the...

WordPress Include Me plugin <= 1.2.1 - Path traversal and Local File Inclusion (LFI) vulnerability leading to Remote Code Execution (RCE)

Path traversal and Local File Inclusion LFI vulnerability leading to Remote Code Execution RCE discovered by Mesut Cetin in WordPress Include Me plugin versions = 1.2.1. Solution Update the WordPress Include Me plugin to the latest available version at least 1.2.2...