26 matches found
EUVD-2025-4311
Malicious code in bioql PyPI...
CVE-2025-27355
Cross-Site Request Forgery (CSRF) vulnerability in Nicolas GRILLET Woocommerce – Loi Hamon (loi-hamon) allows Stored XSS. This issue affects Woocommerce – Loi Hamon: from n/a through <= 1.1.0...
WordPress Woocommerce – Loi Hamon Plugin <= 1.1.0 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Woocommerce – Loi Hamon versions <= 1.1.0...
CVE-2025-27355 WordPress Woocommerce – Loi Hamon Plugin <= 1.1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Nicolas GRILLET Woocommerce – Loi Hamon (loi-hamon) allows Stored XSS. This issue affects Woocommerce – Loi Hamon: from n/a through <= 1.1.0...
CVE-2025-27355
The CVE-2025-27355 entry describes a CSRF to Stored XSS vulnerability in the WordPress WooCommerce – Loi Hamon plugin, affecting versions up to 1.1.0. The issue enables stored XSS via a CSRF flow, as reported for WooCommerce – Loi Hamon ≤ 1.1.0. Connected sources corroborate the plugin name and v...
WordPress plugin Woocommerce – Loi Hamon cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A cross-site request forge...
PT-2025-7767 · Unknown · Woocommerce
Name of the Vulnerable Software and Affected Versions: WooCommerce - Loi Hamon versions 1.1.0 and earlier. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that also allows Stored XSS. Recommendations: For versions 1.1.0 and earlier, update to a version that contains a fix...
le-guide-loi-duflot.fr Cross Site Scripting vulnerability OBB-1336376
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
KLA10887 Multiple vulnerabilities in Oracle Java SE
Unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be exploited remotely. Technical details: These vulnerabilities are related to 2D, AWT...
KLA10888 Multiple vulnerabilities in Oracle VM VirtualBox
Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be exploited remotely and are related to Core, OpenSSL and VRDE. Original...
KLA10775 An unknown vulnerability in Oracle Java SE
An unspecified vulnerability was found in Oracle Java SE. By exploiting this vulnerability malicious users can cause denial of service, affect integrity or obtain sensitive information. This vulnerability can be exploited remotely via vectors related to the Hotspot subcomponent. Original advisories...
KLA10743 Multiple vulnerabilities in Oracle Java SE
Unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can affect application confidentiality, integrity and availability. These vulnerabilities can be exploited remotely via unknown vectors related to 2D, AWT, Libraries, Networking,...
KLA10732 Security bypass vulnerability in Mozilla Firefox and Firefox ESR
A lack of security enforcement was found in Mozilla Firefox. By exploiting this vulnerability malicious users can conduct a man-in-the-middle attack. This vulnerability can be exploited remotely via collision-based attacks. Technical details: This vulnerability is caused by not rejecting MD5 signatures...
KLA10683 Multiple vulnerabilities in Oracle Java SE
Unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can cause denial of service or obtain sensitive information. These vulnerabilities can be exploited remotely via unknown vectors. Technical details: Vulnerabilities related to CORBA,...
KLA10639 Multiple vulnerabilities in Oracle products
Multiple vulnerabilities were found in Oracle Supply Chain Products Suite, Oracle Database Server, Oracle Commerce Platform and Oracle Enterprise Manager. By exploiting these vulnerabilities malicious users can affect confidentiality, integrity and availability. These vulnerabilities can be exploited...
KLA10638 Multiple vulnerabilities in Oracle MySQL
Unspecified vulnerabilities were found in MySQL Server. Malicious users can exploit these vulnerabilities to affect confidentiality, integrity and availability via unknown vectors related to Partition, DML, GIS and RBR. Original advisories: Oracle Critical Patch Update Advisory. Related products: MyS...
KLA10548 Multiple vulnerabilities in Oracle products
Unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, availability and confidentiality. These vulnerabilities can be exploited remotely via unknown vectors related to 2D, Hotspot, JavaFX, Deployment, Tools, JSSE,...
KLA10530 JRE update for multiple VMware products
Multiple VMware products were updated to address vulnerabilities in Oracle Java. For details look at KLA10447. Original advisories: VMSA advisory, KLA10447. Exploitation: Public exploits exist for this vulnerability. Related products: VMware-unclassified-products. CVE list: CVE-2014-6593 warning. Solutio...