EUVD-2025-10443

Malicious code in bioql PyPI...

CVE-2025-22279

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetCompareWishlist jet-compare-wishlist allows PHP Local File Inclusion.This issue affects JetCompareWishlist: from n/a through = 1.5.9...

CVE-2025-22279

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetCompareWishlist jet-compare-wishlist allows PHP Local File Inclusion.This issue affects JetCompareWishlist: from n/a through = 1.5.9...

CVE-2025-22279

CVE-2025-22279 (JetCompareWishlist for Elementor) is an authenticated LFI in the PHP Include/Require flow, allowing local file disclosure. Affected versions: JetCompareWishlist up through 1.5.9. Risk cited in the entry is HIGH (CVSS 3.1: 7.5). Remediation: update to JetCompareWishlist 1.5.9 or ne...

CVE-2025-22279 WordPress JetCompareWishlist plugin <= 1.5.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetCompareWishlist jet-compare-wishlist allows PHP Local File Inclusion.This issue affects JetCompareWishlist: from n/a through = 1.5.9...

WordPress JetCompareWishlist plugin <= 1.5.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetCompareWishlist versions = 1.5.9...

WordPress plugin JetCompareWishlist 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

PT-2025-15966 · Crocoblock · Crocoblock Jetcomparewishlist

Name of the Vulnerable Software and Affected Versions: Crocoblock JetCompareWishlist versions 1.5.9 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File...

WordPress JetCompareWishlist Plugin <= 1.5.5.1 is vulnerable to Broken Access Control

Software JetCompareWishlist Type Plugin Vulnerable versions = 1.5.5.1 Fixed in 1.5.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48761 Patch priority Medium CVSS severity Medium 6.3 Developer Crocoblock PSID 4465ac899143 Credits Rafie Muhammad...

WordPress JetCompareWishlist Plugin <= 1.5.5.1 is vulnerable to Broken Access Control

Software JetCompareWishlist Type Plugin Vulnerable versions = 1.5.5.1 Fixed in 1.5.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48760 Patch priority Medium CVSS severity Medium 8.2 Developer Crocoblock PSID c645a5e87be7 Credits Rafie Muhammad...

WordPress JetCompareWishlist Plugin <= 1.5.5.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software JetCompareWishlist Type Plugin Vulnerable versions = 1.5.5.1 Fixed in 1.5.5.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48762 Patch priority Low CVSS severity Low 6.3 Developer Crocoblock PSID a6d5fc45ad7d Credits Rafie Muhammad...