75 matches found
WordPress InPost Gallery <2.1.4.1 - Local File Inclusion
WordPress InPost Gallery plugin before 2.1.4.1 is susceptible to local file inclusion. The plugin insecurely uses PHP's extract function when rendering HTML views, which can allow attackers to force inclusion of malicious files and URLs. This, in turn, can enable them to execute code remotely on...
WordPress InPost Gallery plugin <= 2.1.4.6 - SQL Injection vulnerability
SQL Injection vulnerability discovered by hivesec in WordPress Plugin InPost Gallery versions = 2.1.4.6...
CVE-2026-0736
The Chatbot for WordPress by Collect.chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inpostheadscriptsynthheaderscript' post meta field in all versions up to, and including, 2.4.8 due to insufficient input sanitization and output escaping. This makes it possible fo...
PT-2026-8066
The Chatbot for WordPress by Collect.chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ' inpost head scriptsynth header script' post meta field in all versions up to, and including, 2.4.8 due to insufficient input sanitization and output escaping. This makes it possib...
CVE-2025-11453
The Header and Footer Scripts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the inpostheadscript parameter in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11453
The Header and Footer Scripts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the inpostheadscript parameter in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11453 Header and Footer Scripts <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Header and Footer Scripts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the inpostheadscript parameter in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
PT-2026-1694
Name of the Vulnerable Software and Affected Versions Header and Footer Scripts plugin for WordPress versions up to and including 2.2.2 Description The Header and Footer Scripts plugin for WordPress is susceptible to Stored Cross-Site Scripting through the inpost head script parameter. Insufficie...
EUVD-2023-32327
Malicious code in bioql PyPI...
EUVD-2024-47585
Malicious code in bioql PyPI...
EUVD-2025-27026
Malicious code in bioql PyPI...
EUVD-2025-11121
Malicious code in bioql PyPI...
EUVD-2024-33729
Malicious code in bioql PyPI...
CVE-2025-57889
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 InPost Gallery inpost-gallery allows PHP Local File Inclusion.This issue affects InPost Gallery: from n/a through = 2.1.4.5...
CVE-2025-57889
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 InPost Gallery inpost-gallery allows PHP Local File Inclusion.This issue affects InPost Gallery: from n/a through = 2.1.4.5...
CVE-2025-57889 WordPress InPost Gallery Plugin <= 2.1.4.5 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 InPost Gallery inpost-gallery allows PHP Local File Inclusion.This issue affects InPost Gallery: from n/a through = 2.1.4.5...
CVE-2025-57889 WordPress InPost Gallery Plugin <= 2.1.4.5 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 InPost Gallery inpost-gallery allows PHP Local File Inclusion.This issue affects InPost Gallery: from n/a through = 2.1.4.5...
CVE-2025-57889
CVE-2025-57889 affects the WordPress InPost Gallery plugin up to version 2.1.4.5. It is an Improper Control of Filename for Include/Require Statement (PHP Remote File Inclusion) vulnerability that enables PHP Local File Inclusion via include/require statements. Affected software: InPost Gallery (...
PT-2025-36250
Name of the Vulnerable Software and Affected Versions: InPost Gallery versions through 2.1.4.5 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusion...
WordPress plugin InPost Gallery 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...