WordPress FluentForm plugin <= 5.1.19 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Joel Indra - Monarch Digital Indonesia in WordPress Plugin FluentForm versions = 5.1.19...

EUVD-2025-202025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Joel User Spam Remover user-spam-remover allows Retrieve Embedded Sensitive Data.This issue affects User Spam Remover: from n/a through = 1.1...

CVE-2025-62735

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Joel User Spam Remover user-spam-remover allows Retrieve Embedded Sensitive Data.This issue affects User Spam Remover: from n/a through = 1.1...

PT-2025-50004

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Joel User Spam Remover user-spam-remover allows Retrieve Embedded Sensitive Data.This issue affects User Spam Remover: from n/a through = 1.1...

EUVD-2024-24435

Malicious code in bioql PyPI...

EUVD-2022-4989

Malicious code in bioql PyPI...

EUVD-2024-28998

Malicious code in bioql PyPI...

EUVD-2023-27819

Malicious code in bioql PyPI...

CVE-2024-25927

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Joel Starnes postMash – custom post order.This issue affects postMash – custom post order: from n/a through 1.2.0...

WordPress Survey Maker plugin <= 5.1.3.3 - Authenticated (Admin+) Stored Cross-Site Scripting via Survey Question vulnerability

Authenticated Admin+ Stored Cross-Site Scripting via Survey Question vulnerability discovered by Joel Indra in WordPress Plugin Survey Maker versions = 5.1.3.3...

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. A visu...

WordPress Ninja Forms plugin <= 3.8.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joel Indra Patchstack Alliance in WordPress Plugin Ninja Forms versions = 3.8.11...

joel-seria.fr Cross Site Scripting vulnerability OBB-3938979

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

WordPress Form Maker plugin <= 1.15.23 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joel Indra Patchstack Alliance in WordPress Plugin Form Maker by 10Web versions = 1.15.23...

CVE-2024-31298

CVE-2024-31298 affects the User Spam Remover plugin for WordPress (≤1.0). The issue is described as an Information Exposure via insertion of sensitive data into log files; connected sources confirm the CVE exists and that a fix/patch status is shown as Patched, but no concrete technical details (...

CVE-2024-31298 WordPress User Spam Remover plugin <= 1.0 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in Joel Hardi User Spam Remover.This issue affects User Spam Remover: from n/a through 1.0...

CVE-2024-31298 WordPress User Spam Remover plugin <= 1.0 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in Joel Hardi User Spam Remover.This issue affects User Spam Remover: from n/a through 1.0...

WordPress Top Bar plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joel Indra Patchstack Alliance in WordPress Plugin Top Bar versions = 3.0.5...

PT-2024-23945 · Unknown · Joel Hardi User Spam Remover

Name of the Vulnerable Software and Affected Versions: Joel Hardi User Spam Remover versions n/a through 1.0 Description: The issue is related to the insertion of sensitive information into log files. This can potentially expose sensitive data. Recommendations: For versions n/a through 1.0, updat...

CVE-2024-31087

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joel Starnes pageMash Page Management allows Reflected XSS.This issue affects pageMash Page Management: from n/a through 1.3.0...