MAL-2026-1300 Malicious code in @mmm-otrade/transaction (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f1e04f746cfc3e1e936e4a628b0435b494c9dfc00739285e88d0ae03b00d9b3 The package @mmm-otrade/transaction was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1301 Malicious code in @mmm-otrade/transaction-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf4c9f5e8a8d9c59d2880a5aafe18bd8780c33c876d202589f4751d5447ce1c The package @mmm-otrade/transaction-adapter was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview @mmm-otrade/transaction is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

Malicious code in @mmm-otrade/transaction-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf4c9f5e8a8d9c59d2880a5aafe18bd8780c33c876d202589f4751d5447ce1c The package @mmm-otrade/transaction-adapter was found to contain malicious code. Source: ghsa-malware...

CVE-2023-4297

The Mmm Simple File List WordPress plugin through 2.3 does not validate the generated path to list files from, allowing any authenticated users, such as subscribers, to list the content of arbitrary directories...

CVE-2023-4514

The Mmm Simple File List WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

EUVD-2017-5983

Malware in sbrugna...

EUVD-2011-5256

Malware in sbrugna...

EUVD-2017-5977

Malware in sbrugna...

EUVD-2017-5981

Malware in sbrugna...

CVE-2011-10021

Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler SEH. By crafting a...

CVE-2011-10021

Magix Musik Maker 16 is affected by a stack-based buffer overflow when processing .mmm files due to an unsafe strcpy() that fails to validate input length, allowing an attacker to overwrite the Structured Exception Handler (SEH). Exploitation is triggered by opening a crafted .mmm file and can le...

CVE-2011-10021

Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler SEH. By crafting a...

PT-2025-34102 · Undefined · Undefined

Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler SEH. By crafting a...

CVE-2025-8399

The Mmm Unity Loader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributes’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2025-8399

CVE-2025-8399 affects the WordPress plugin “MMM Unity Loader” up to version 1.0 and enables stored XSS via the attributes parameter. Exploitation requires authenticated access at Contributor level or higher, enabling script injection on pages visited by users. Various connected sources corroborat...

CVE-2025-8399 Mmm Unity Loader <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via attributes Parameter

The Mmm Unity Loader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributes’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2025-8399 Mmm Unity Loader <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via attributes Parameter

The Mmm Unity Loader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributes’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

PT-2025-31731 · WordPress · Mmm Unity Loader

Name of the Vulnerable Software and Affected Versions: Mmm Unity Loader plugin for WordPress versions prior to 1.0 Description: The Mmm Unity Loader plugin for WordPress is susceptible to Stored Cross-Site Scripting via the attributes parameter due to insufficient input sanitization and output...

WordPress plugin Mmm Unity Loader 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...