297 matches found
MAL-2025-42125 Malicious code in @liquid-web/core-services (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f9afbcbd82f8b0c7374b5e9edb81329aa506296ef39a5a63d70d59af7591e74 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in prettier-plugin-liquid (npm)
The package prettier-plugin-liquid was found to contain malicious code...
Malicious code in slate-liquid-asset-loader (npm)
The package slate-liquid-asset-loader was found to contain malicious code...
Malicious code in liquid-c (npm)
The package liquid-c was found to contain malicious code...
MAL-2025-25427 Malicious code in liquid-c (npm)
The package liquid-c was found to contain malicious code...
MAL-2025-29625 Malicious code in prettier-plugin-liquid (npm)
The package prettier-plugin-liquid was found to contain malicious code...
MAL-2025-33406 Malicious code in slate-liquid-asset-loader (npm)
The package slate-liquid-asset-loader was found to contain malicious code...
CVE-2025-47444
Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through = 1.32.1...
CVE-2025-47444 WordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through = 1.32.1...
CVE-2025-47444 WordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through = 1.32.1...
WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.5.0 - Authenticated (GiveWP worker+) Stored Cross-Site Scripting vulnerability
Authenticated GiveWP worker+ Stored Cross-Site Scripting vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin GiveWP versions = 4.5.0...
WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And Modification vulnerability
Missing Authorization To Authenticated Contributor+ Campaign Data View And Modification vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin GiveWP versions = 4.3.0...
WordPress The Events Calendar plugin <= 6.13.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin The Events Calendar versions = 6.13.2...
CVE-2024-52357
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lqd LIQUID BLOCKS liquid-blocks allows Stored XSS.This issue affects LIQUID BLOCKS: from n/a through = 1.2.0...
CVE-2023-27889
Cross-site request forgery CSRF vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page...
CVE-2023-23672
Missing Authorization vulnerability in Liquid Web / StellarWP GiveWP.This issue affects GiveWP: from n/a through 2.25.1...
CVE-2019-17070
The liquid-speech-balloon aka LIQUID SPEECH BALLOON plugin before 1.0.7 for WordPress allows XSS with Internet Explorer...
WordPress The Events Calendar plugin <= 6.11.2.1 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin The Events Calendar versions = 6.11.2.1...
WordPress The Events Calendar plugin < 6.6.4 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin The Events Calendar versions 6.6.4...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of a non-threaded IRQ to handle LCD DMA, which could lead to scheduling issues...