Malicious Package

Overview jonas-prettier-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in jonas-prettier-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28f4e8e2d6e083733be2f7a98647f2a7267b3be203837f3081b4884ef3b926a0 The package jonas-prettier-logger was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2325 Malicious code in jonas-prettier-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28f4e8e2d6e083733be2f7a98647f2a7267b3be203837f3081b4884ef3b926a0 The package jonas-prettier-logger was found to contain malicious code. Source: ghsa-malware...

WordPress Popup Box - Easily Create WordPress Popups plugin <= 3.2.12 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress Popup Box - Easily Create WordPress Popups plugin = 3.2.12 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Popup Box versions = 3.2.12...

WordPress Hide Categories Or Products On Shop Page plugin <= 1.0.7 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Hide Categories Or Products On Shop Page versions = 1.0.7...

LZ4 Java 安全漏洞

LZ4 Java is a compression library for Java by the individual developer Jonas Konrad. A security vulnerability exists in LZ4 Java 1.10.0 and earlier versions, which stems from insufficient output buffer clearing and could lead to the disclosure of sensitive data...

WordPress EchBay Admin Security plugin <= 1.3.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin EchBay Admin Security versions = 1.3.0...

WordPress Multiple Roles per User plugin <= 1.0 - Missing Authorization to Authenticated (Custom+) Privilege Escalation vulnerability

Missing Authorization to Authenticated Custom+ Privilege Escalation vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Multiple Roles per User versions = 1.0...

WordPress Oceanpayment CreditCard Gateway plugin <= 6.0 - Missing Authentication to Unauthenticated Order Status Update vulnerability

Missing Authentication to Unauthenticated Order Status Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Oceanpayment CreditCard Gateway versions = 6.0...

EUVD-2006-6377

Malware in sbrugna...

WordPress ContentMX Content Publisher plugin <= 1.0.6 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin ContentMX Content Publisher versions = 1.0.6...

CVE-2025-47593

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jonas Hjalmarsson Really Simple Under Construction Page really-simple-under-construction allows Stored XSS.This issue affects Really Simple Under Construction Page: from n/a through = 1.4.6...

CVE-2025-47593

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jonas Hjalmarsson Really Simple Under Construction Page really-simple-under-construction allows Stored XSS.This issue affects Really Simple Under Construction Page: from n/a through = 1.4.6...

CVE-2025-47593

The CVE CVE-2025-47593 concerns the WordPress plugin Really Simple Under Construction Page (versions up to 1.4.6). It describes Stored Cross‑Site Scripting caused by improper neutralization of input during web page generation. Affected software is the plugin, not WordPress core. Exploitation deta...

WordPress Premium Packages – Sell Digital Products Securely plugin <= 5.9.1 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin WPDM – Premium Packages versions = 5.9.1...

Wsb-Detect - Tool To Detect If You Are Running In Windows Sandbox ("WSB")

wsb-detect enables you to detect if you are running in Windows Sandbox "WSB". The sandbox is used by Windows Defender for dynamic analysis, and commonly manually by security analysts and alike. At the tail end of 2019, Microsoft introduced a new feature named Windows Sandbox WSB for short. The...

Citrix XenMobile Server 10.8 XML Injection

Exploit Title: Citrix XenMobile Server 10.8 - XML External Entity Injection Google Dork: inurl:zdm logon Date: 2019-11-28 Exploit Author: Jonas Lejon Vendor Homepage: https://www.citrix.com Software Link: Version: XenMobile Server 10.8 before RP2 and 10.7 before RP3 Tested on: XenMobile CVE :...

Citrix XenMobile Server 10.8 - XML External Entity Injection

Citrix XenMobile Server 10.8 - XML External Entity Injection Exploit Title: Citrix XenMobile Server 10.8 - XML External Entity Injection Google Dork: inurl:zdm logon Date: 2019-11-28 Exploit Author: Jonas Lejon Vendor Homepage: https://www.citrix.com Software Link: Version: XenMobile Server 10.8...

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Episerver 7 Patch 4 XML Injection

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 1...