31 matches found
CVE-2025-23659
Cross-Site Request Forgery CSRF vulnerability in hernanjh MercadoLibre Integration mercadolibre-integration allows Stored XSS.This issue affects MercadoLibre Integration: from n/a through = 1.1...
Malicious code in ui-library_mercadolibre (npm)
The package ui-librarymercadolibre was found to contain malicious code...
MAL-2025-48514 Malicious code in ui-library_mercadolibre (npm)
The package ui-librarymercadolibre was found to contain malicious code...
EUVD-2014-5545
Malware in sbrugna...
EUVD-2025-3323
Malicious code in bioql PyPI...
Malicious code in mercadolibre-prueba-front (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e618c15b2fe0ed57d70ce007a41fcc579a49559db036719367d16367c00dc258 The OpenSSF Package Analysis project identified...
Malicious code in next-typescript-mercadolibre (npm)
The package communicates with a domain associated with malicious activity...
CVE-2025-23659
Cross-Site Request Forgery CSRF vulnerability in hernanjh MercadoLibre Integration mercadolibre-integration allows Stored XSS.This issue affects MercadoLibre Integration: from n/a through = 1.1...
CVE-2025-23659
Cross-Site Request Forgery CSRF vulnerability in hernanjh MercadoLibre Integration mercadolibre-integration allows Stored XSS.This issue affects MercadoLibre Integration: from n/a through = 1.1...
CVE-2025-23659
CVE-2025-23659 affects MercadoLibre Integration (WordPress plugin). The issue is CSRF that enables stored XSS. Affected version range listed as MercadoLibre Integration: from n/a through 1.1. The referenced Red Hat advisory confirms the same description. Reported CVSS v3.1 base score 7.1 (High). ...
WordPress plugin MercadoLibre Integration 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
MercadoLibre: Sale cancellations from other sellers without restrictions
The summary is as follows: A vulnerability was reported that allowed sale cancellations from other sellers without restrictions. The issue was acknowledged and addressed by MercadoLibre...
MercadoLibre: Account Takeover / Arbitrary File read and deletion / Partial code execution (intent redirection)
The vulnerability allowed for account takeover, arbitrary file read and deletion, and partial code execution through intent redirection. MercadoLibre acknowledged the issue and worked on a fix internally...
MercadoLibre: Stored Cross-Site Scripting in mercadopago.com.ar
The summary is as follows: A stored cross-site scripting vulnerability was discovered in mercadopago.com.ar. The issue was acknowledged and addressed by MercadoLibre internally...
MercadoLibre: Stored XSS in reclamos
Stored XSS vulnerability was discovered in the reclamos section of MercadoLibre. The issue was reported by @valent1ne, who provided clear steps to reproduce the vulnerability and a proof-of-concept code. MercadoLibre acknowledged the issue and implemented a fix...
MercadoLibre: Reflected Cross Site Scripting
Reflected Cross Site Scripting was reported by @madara. A proof-of-concept code was provided to demonstrate the vulnerability. The issue was acknowledged and addressed internally by MercadoLibre...
inmuebles.mercadolibre.co.cr XSS vulnerability
Open Bug Bounty ID: OBB-712876 Description| Value ---|--- Affected Website:| inmuebles.mercadolibre.co.cr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...
listado.mercadolibre.com.bo XSS vulnerability
Open Bug Bounty ID: OBB-712875 Description| Value ---|--- Affected Website:| listado.mercadolibre.com.bo Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...
listado.mercadolibre.com.do XSS vulnerability
Open Bug Bounty ID: OBB-712870 Description| Value ---|--- Affected Website:| listado.mercadolibre.com.do Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...
listado.mercadolibre.co.cr XSS vulnerability
Open Bug Bounty ID: OBB-712865 Description| Value ---|--- Affected Website:| listado.mercadolibre.co.cr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...