EUVD-2025-30714

Malicious code in bioql PyPI...

EUVD-2025-28145

Malicious code in bioql PyPI...

CVE-2025-55887

Cross-Site Scripting XSS vulnerability was discovered in the meal reservation service ARD. The vulnerability exists in the transactionID GET parameter on the transaction confirmation page. Due to improper input validation and output encoding, an attacker can inject malicious JavaScript code that ...

CVE-2025-55887

Cross-Site Scripting XSS vulnerability was discovered in the meal reservation service ARD. The vulnerability exists in the transactionID GET parameter on the transaction confirmation page. Due to improper input validation and output encoding, an attacker can inject malicious JavaScript code that ...

CVE-2025-55887

Cross-Site Scripting XSS vulnerability was discovered in the meal reservation service ARD. The vulnerability exists in the transactionID GET parameter on the transaction confirmation page. Due to improper input validation and output encoding, an attacker can inject malicious JavaScript code that ...

CVE-2025-55887

Cross-Site Scripting XSS vulnerability was discovered in the meal reservation service ARD. The vulnerability exists in the transactionID GET parameter on the transaction confirmation page. Due to improper input validation and output encoding, an attacker can inject malicious JavaScript code that ...

PT-2025-39065

Name of the Vulnerable Software and Affected Versions ARD affected versions not specified Description A Cross-Site Scripting XSS issue exists in the meal reservation service. The vulnerability is located in the transactionID GET parameter on the transaction confirmation page. Insufficient input...

CVE-2025-55887

CVE-2025-55887 describes a Cross-Site Scripting (XSS) vulnerability in the ARD meal reservation service. The issue is located in the transactionID GET parameter on the transaction confirmation page and is caused by improper input validation and output encoding. Exploitation could allow an attacke...

CVE-2025-48149

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in dedalx Cook cookandmeal allows PHP Local File Inclusion.This issue affects Cook: from n/a through = 1.2.3...

CVE-2025-48149

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in dedalx Cook&Meal cookandmeal allows PHP Local File Inclusion.This issue affects Cook&Meal: from n/a through = 1.2.3...

CVE-2025-48149 WordPress Cook&Meal <= 1.2.3 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in dedalx Cook&Meal cookandmeal allows PHP Local File Inclusion.This issue affects Cook&Meal: from n/a through = 1.2.3...

CVE-2025-48149

CVE-2025-48149 affects the WordPress Cook&Meal theme (versions

CVE-2025-48149 WordPress Cook&Meal <= 1.2.3 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in dedalx Cook&Meal cookandmeal allows PHP Local File Inclusion.This issue affects Cook&Meal: from n/a through = 1.2.3...

PT-2025-33912 · Dedalx · Cook&Meal

Name of the Vulnerable Software and Affected Versions: dedalx Cook&Meal versions through 1.2.3 Description: This issue involves improper control of filename handling for include/require statements in the PHP program, leading to a PHP Local File Inclusion. Recommendations: Update to a version late...

WordPress plugin Cook&Meal 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Cook&Meal <= 1.2.3 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Cook&Meal versions = 1.2.3...

WordPress Cook&Meal; Theme <= 1.2.3 is vulnerable to Local File Inclusion

Software Cook&Meal Type Theme Vulnerable versions = 1.2.3 Fixed in 1.2.4 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-48149 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID ab26fb7dc392 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

Mealie 安全漏洞

Mealie is a self-hosted recipe manager and meal planner by an individual developer in Hayden, USA. A security vulnerability exists in Mealie v2.2.0 that stems from improper object-level authorization...

WordPress Meal Tracker plugin <= 3.1.6 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Meal Tracker versions = 3.1.6...

WordPress Meal Tracker Plugin <= 3.1.6 is vulnerable to Backdoor

Software Meal Tracker Type Plugin Vulnerable versions = 3.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e250a3bed696 Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...