9 matches found
EUVD-2025-28307
Malicious code in bioql PyPI...
CVE-2025-49434
Deserialization of Untrusted Data vulnerability in axiomthemes Cars4Rent cars4rent allows Object Injection.This issue affects Cars4Rent: from n/a through = 1.4.2...
CVE-2025-49434
Deserialization of Untrusted Data vulnerability in axiomthemes Cars4Rent cars4rent allows Object Injection.This issue affects Cars4Rent: from n/a through = 1.4.2...
CVE-2025-49434 WordPress Laposta WooCommerce plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stijnvanderree Laposta WooCommerce allows Stored XSS. This issue affects Laposta WooCommerce: from n/a through 1.9.1...
CVE-2025-49434 WordPress Cars4Rent Theme <= 1.4.2 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in axiomthemes Cars4Rent cars4rent allows Object Injection.This issue affects Cars4Rent: from n/a through = 1.4.2...
CVE-2025-49434
Deserialization of Untrusted Data vulnerability in WordPress Cars4Rent Theme/Cars4Rent plugin (CVE-2025-49434) affects Cars4Rent: from n/a through <= 1.4.2. Root cause: PHP object deserialization leading to Object Injection. Impact is rated Critical (CVSS 3.1 base 9.8) with potential HIGH impa...
WordPress plugin Laposta WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-33954 · WordPress · Laposta Woocommerce
Name of the Vulnerable Software and Affected Versions: Laposta WooCommerce versions through 1.9.1 Description: This issue involves improper neutralization of input during web page generation, leading to a Stored Cross-Site Scripting XSS condition. Successful exploitation could allow an attacker t...
WordPress Laposta WooCommerce plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Laposta WooCommerce versions = 1.9.1...