EUVD-2023-31196

Malicious code in bioql PyPI...

CVE-2025-50030 WordPress Spark Multipurpose theme <= 1.0.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sparklewpthemes Spark Multipurpose spark-multipurpose allows DOM-Based XSS.This issue affects Spark Multipurpose: from n/a through = 1.0.7...

CVE-2023-27420

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest Themes Arya Multipurpose theme = 1.0.5 versions...

CVE-2024-7486

The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.0 via deserialization of untrusted input through the 'wpedenpostmeta' post meta. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

WordPress Envo Multipurpose theme <= 1.1.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Fariq Fadillah Gusti Insani in WordPress Theme Envo Multipurpose versions = 1.1.6...

CVE-2024-7486

The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.0 via deserialization of untrusted input through the 'wpedenpostmeta' post meta. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2024-7486 MultiPurpose <= 1.2.0 - Authenticated (Contributor+) PHP Object Injection

The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.0 via deserialization of untrusted input through the 'wpedenpostmeta' post meta. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2024-7486

CVE-2024-7486 affects the MultiPurpose WordPress theme (all versions up to 1.2.0) via PHP Object Injection from deserializing untrusted input in wpeden_post_meta. Exploitation requires at least Contributor+ authentication; no POP chain is present in the core, but a POP chain from a compatible plu...

WordPress theme MultiPurpose 安全漏洞

WordPress is a blogging platform developed in the PHP language by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress theme MultiPurpose version 1.2.0 and earlie...

WordPress Multipurpose Theme <= 1.2.0 is vulnerable to PHP Object Injection

Software Multipurpose Type Theme Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-7486 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 5a908ef6f2c7 Credits Francesco Carlucci Required privilege...

CVE-2023-27420

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest Themes Arya Multipurpose theme = 1.0.5 versions...

CVE-2023-27420

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest Themes Arya Multipurpose theme = 1.0.5 versions...

CVE-2023-27420 WordPress Arya Multipurpose Theme <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest Themes Arya Multipurpose theme = 1.0.5 versions...

CVE-2023-27420 WordPress Arya Multipurpose Theme <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest Themes Arya Multipurpose theme = 1.0.5 versions...

CVE-2023-27420

CVE-2023-27420 corresponds to an unauthenticated reflected Cross-Site Scripting (XSS) vulnerability in the Everest Themes Arya Multipurpose WordPress theme, affected versions are 1.0.5 and earlier. Public sources describe the issue as XSS but do not provide exploitation details in these documents...

WordPress Reality | Estate Multipurpose WordPress Theme Cross-Site Scripting Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. WordPress Reality | Estate Multipurpose WordPress Theme suffers from a cross-site scripting...