11 matches found
EUVD-2025-10443
Malicious code in bioql PyPI...
CVE-2025-22279
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetCompareWishlist jet-compare-wishlist allows PHP Local File Inclusion.This issue affects JetCompareWishlist: from n/a through = 1.5.9...
CVE-2025-22279
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetCompareWishlist jet-compare-wishlist allows PHP Local File Inclusion.This issue affects JetCompareWishlist: from n/a through = 1.5.9...
CVE-2025-22279 WordPress JetCompareWishlist plugin <= 1.5.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetCompareWishlist jet-compare-wishlist allows PHP Local File Inclusion.This issue affects JetCompareWishlist: from n/a through = 1.5.9...
CVE-2025-22279
CVE-2025-22279 (JetCompareWishlist for Elementor) is an authenticated LFI in the PHP Include/Require flow, allowing local file disclosure. Affected versions: JetCompareWishlist up through 1.5.9. Risk cited in the entry is HIGH (CVSS 3.1: 7.5). Remediation: update to JetCompareWishlist 1.5.9 or ne...
WordPress JetCompareWishlist plugin <= 1.5.9 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetCompareWishlist versions = 1.5.9...
PT-2025-15966 · Crocoblock · Crocoblock Jetcomparewishlist
Name of the Vulnerable Software and Affected Versions: Crocoblock JetCompareWishlist versions 1.5.9 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File...
WordPress plugin JetCompareWishlist 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...
WordPress JetCompareWishlist Plugin <= 1.5.5.1 is vulnerable to Broken Access Control
Software JetCompareWishlist Type Plugin Vulnerable versions = 1.5.5.1 Fixed in 1.5.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 4465ac899143 Credits Rafie Muhammad...
WordPress JetCompareWishlist Plugin <= 1.5.5.1 is vulnerable to Broken Access Control
Software JetCompareWishlist Type Plugin Vulnerable versions = 1.5.5.1 Fixed in 1.5.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID c645a5e87be7 Credits Rafie Muhammad...
WordPress JetCompareWishlist Plugin <= 1.5.5.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software JetCompareWishlist Type Plugin Vulnerable versions = 1.5.5.1 Fixed in 1.5.5.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48762 Patch priority Low CVSS severity Low 6.3 Developer Crocoblock PSID a6d5fc45ad7d Credits Rafie Muhammad...