85 matches found
CVE-2026-8896
The CVE-2026-8896 entry concerns the MIR blocks and shortcodes plugin for WordPress. Affected component: the msc_stats shortcode in versions up to 1.0.0. Issue: insufficient input sanitization and output escaping for shortcode attributes (e.g., title, ready_animation_text) inside the msc_stats() ...
EUVD-2026-38682
The MIR blocks and shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' attribute and other attributes such as 'readyanimationtext' of the 'mscstats' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and outpu...
WordPress MIR blocks and shortcodes plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin MIR blocks and shortcodes versions = 1.0.0...
CVE-2025-13819
Open redirect in the web server component of MiR Robot and Fleet software allows a remote attacker to redirect users to arbitrary external websites via a crafted parameter, facilitating phishing or social engineering attacks...
CVE-2025-13819
Open redirect in the web server component of MiR Robot and Fleet software allows a remote attacker to redirect users to arbitrary external websites via a crafted parameter, facilitating phishing or social engineering attacks...
EUVD-2025-199977
Open redirect in the web server component of MiR Robot and Fleet software allows a remote attacker to redirect users to arbitrary external websites via a crafted parameter, facilitating phishing or social engineering attacks...
EUVD-2020-2725
Malware in sbrugna...
EUVD-2020-2724
Malware in sbrugna...
EUVD-2020-2728
Malware in sbrugna...
EUVD-2025-28828
Malicious code in bioql PyPI...
EUVD-2025-23984
Malicious code in bioql PyPI...
EUVD-2025-28827
Malicious code in bioql PyPI...
EUVD-2025-25269
Malicious code in bioql PyPI...
CVE-2025-9229
Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages...
CVE-2025-9228
MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...
CVE-2025-9229
Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages...
CVE-2025-9229
MiR software (Mobile Industrial Robots MiR controllers/robotics ecosystem) is affected prior to version 3.0.0. The issue is an information-disclosure vulnerability rooted in the error handling mechanism, which allows unauthenticated attackers to access verbose error pages and view detailed data s...
CVE-2025-9228 Insufficient authorization when creating notes
MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...
CVE-2025-9228 Insufficient authorization when creating notes
MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...
CVE-2025-9228
MiR software (versions prior to 3.0.0) has insufficient authorization controls when creating text notes, allowing low-privilege users to create notes intended for administrators. Root cause: authorization gap in text-note creation. Impact: potential integrity concerns within text notes; CVSS-A/I ...