Joomla! Component Love Factory 1.3.4 - Local File Inclusion

A directory traversal vulnerability in the Love Factory comlovefactory component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1957 info: name: Joomla! Component Love Factory 1.3.4 - Local File Inclusion...

CVE-2026-22711 Stored XSS through system messages in WikiLove

Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting XSS.The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45...

CVE-2026-27082

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

EUVD-2026-15791

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

CVE-2026-27082

CVE-2026-27082 describes a PHP object-injection/Deserialization of Untrusted Data vulnerability in WordPress Theme Love Story (ThemeREX Love Story) versions n/a through 1.3.12. The issue arises from deserializing untrusted data, enabling object injection. Reported impact includes high confidentia...

CVE-2026-27082 WordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

CVE-2026-27082 WordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

CVE-2026-27082

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

WordPress plugin Love Story 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-27981

Name of the Vulnerable Software and Affected Versions ThemeREX Love Story versions n/a through 1.3.12 Description An issue exists in ThemeREX Love Story that allows for object injection due to deserialization of untrusted data. This impacts the application's ability to securely handle data input...

WordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Love Story versions = 1.3.12...

CVE-2025-62694 Stored XSS through a system message

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - WikiLove Extension allows Stored XSS.This issue affects Mediawiki - WikiLove Extension: 1.39...

CVE-2025-62694

CVE-2025-62694 is a stored XSS in the Wikimedia Foundation MediaWiki WikiLove Extension (version 1.39). The root cause is improper neutralization of input during web page generation. This issue is described across multiple feeds as affecting the WikiLove Extension: 1.39, with a CVSS v4 base score...

EUVD-2014-5620

Malware in sbrugna...

EUVD-2010-1976

Malware in sbrugna...

EUVD-2014-6897

Malware in sbrugna...

EUVD-2023-53695

Malicious code in bioql PyPI...

EUVD-2023-58971

Malicious code in bioql PyPI...

MAL-2025-34393 Malicious code in tainted_love (npm)

The package taintedlove was found to contain malicious code...

Malicious code in i-just-love-bananas-dont-mind (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 23aa7188231dd22eb43f4fbc309dbeec0c8d18b512111786fb8e61c70e65b993 The OpenSSF Package Analysis project identified 'i-just-love-bananas-dont-mind' @ 1.0.2 npm as malicious. It is considered malicious because: -...