6 matches found
CVE-2026-2292
The Morkva UA Shipping plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
EUVD-2025-3816
Malicious code in bioql PyPI...
CVE-2025-24612
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ihor Kit Shipping for Nova Poshta nova-poshta-ttn allows SQL Injection.This issue affects Shipping for Nova Poshta: from n/a through = 1.19.6...
CVE-2025-24612
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ihor Kit Shipping for Nova Poshta nova-poshta-ttn allows SQL Injection.This issue affects Shipping for Nova Poshta: from n/a through = 1.19.6...
CVE-2025-24612
CVE-2025-24612: Affected product is WordPress Shipping for Nova Poshta plugin (versions n/a through 1.19.6). The root cause is improper neutralization of special elements used in SQL commands, enabling SQL injection. Exploitation details are not described in the provided sources, but the CVSS met...
PT-2025-5447 · Unknown · Morkva Shipping For Nova Poshta
Name of the Vulnerable Software and Affected Versions: MORKVA Shipping for Nova Poshta versions n/a through 1.19.6 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection,...