28 matches found
EUVD-2025-30645
Malicious code in bioql PyPI...
EUVD-2024-37594
Malicious code in bioql PyPI...
EUVD-2023-31224
Malicious code in bioql PyPI...
CVE-2025-57984
Server-Side Request Forgery SSRF vulnerability in Pratik Ghela MakeStories for Google Web Stories makestories-helper allows Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through = 3.0.4...
WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability
Server Side Request Forgery SSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin MakeStories for Google Web Stories versions = 3.0.4...
CVE-2025-57984
CVE-2025-57984 is described as a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin MakeStories (for Google Web Stories) . Connected documents indicate the issue is present in versions up to 3.0.4 and requires an authenticated user with the Author+ role to exploit. No public...
CVE-2025-57984 WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery SSRF vulnerability in Pratik Ghela MakeStories for Google Web Stories allows Server Side Request Forgery. This issue affects MakeStories for Google Web Stories: from n/a through 3.0.4...
CVE-2025-57984 WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery SSRF vulnerability in Pratik Ghela MakeStories for Google Web Stories makestories-helper allows Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through = 3.0.4...
PT-2025-38834
Name of the Vulnerable Software and Affected Versions MakeStories for Google Web Stories versions through 3.0.4 Description A Server-Side Request Forgery SSRF vulnerability exists in MakeStories for Google Web Stories. This issue allows Server Side Request Forgery. The vulnerability potentially...
WordPress plugin MakeStories (for Google Web Stories) 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
CVE-2023-27448
Cross-Site Request Forgery CSRF vulnerability in MakeStories Team MakeStories for Google Web Stories plugin = 2.8.0 versions...
CVE-2024-38746
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in MakeStories Team MakeStories for Google Web Stories allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through 3.0.3...
CVE-2024-38746
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in MakeStories Team MakeStories for Google Web Stories allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through 3.0.3...
CVE-2024-38746
CVE-2024-38746 affects the WordPress MakeStories (for Google Web Stories) plugin: MakeStories (for Google Web Stories) up to version 3.0.3 is affected by a path traversal vulnerability that also enables Server-Side Request Forgery (SSRF), potentially allowing arbitrary file download. The connecte...
CVE-2024-38746 WordPress MakeStories (for Google Web Stories) plugin <= 3.0.3 - Arbitrary File Download and SSRF vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in MakeStories Team MakeStories for Google Web Stories allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through 3.0.3...
CVE-2024-38746 WordPress MakeStories (for Google Web Stories) plugin <= 3.0.3 - Arbitrary File Download and SSRF vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in MakeStories Team MakeStories for Google Web Stories allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories for Google Web Stories: from n/a through 3.0.3...
WordPress plugin MakeStories 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
WordPress MakeStories (for Google Web Stories) plugin <= 3.0.3 - Arbitrary File Download and SSRF vulnerability
Arbitrary File Download and SSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin MakeStories for Google Web Stories versions = 3.0.3...
WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.3 is vulnerable to Arbitrary File Download
Software MakeStories for Google Web Stories Type Plugin Vulnerable versions = 3.0.3 Fixed in 3.0.4 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Download CVE CVE-2024-38746 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 40afb38048ba Credits Majed...
MakeStories (for Google Web Stories) <= 2.8.2 - Settings Update via CSRF
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...