3 matches found
MAL-2025-188739 Malicious code in planetology-stratosphere-library-csrf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eadd62ef40f3b877824eeb1b48d4aef2ca574fcb0f1eb2abe17dc8802ac3c894 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-46436 WordPress SCSS-Library plugin <= 0.4.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Sebastian Echeverry SCSS-Library scss-library allows Cross Site Request Forgery.This issue affects SCSS-Library: from n/a through = 0.4.1...
PT-2025-17765 · Unknown · Scss-Library
Name of the Vulnerable Software and Affected Versions: SCSS-Library versions 0.4.1 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows for Cross Site Request Forgery. Recommendations: For SCSS-Library versions 0.4.1 and earlier, as a temporary...