SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the FormManager::create function. An attacker can access and exfiltrate sensitive database contents, including user credentials, by injecting arbitrary SQL statements through crafted input to the bnidnature parameter...

Nature Easy Soft Network Technology ZenTao 代码问题漏洞

Nature Easy Soft Network Technology ZenTao is a set of open source project management software from China's Nature Easy Soft Network Technology Nature Easy Soft Network Technology. The software includes product management, project management, quality management and document management functions. ...

EUVD-2023-48347

Malicious code in bioql PyPI...

EUVD-2025-3190

Malicious code in bioql PyPI...

EUVD-2025-6439

Malicious code in bioql PyPI...

CVE-2025-55229

CVE-2025-55229 concerns improper verification of cryptographic signatures in Windows Certificates, enabling a network attacker to spoof over the network. The primary root cause is flawed verification during certificate handling, with the CVSS data indicating network access, low attack complexity,...

Malicious code in yawn-nature-jri757-project (npm)

The package yawn-nature-jri757-project was found to contain malicious code...

MAL-2025-40380 Malicious code in yawn-nature-jri757-project (npm)

The package yawn-nature-jri757-project was found to contain malicious code...

CVE-2023-43988

An issue in nature fitness saijo mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

WordPress Eco Nature - Environment & Ecology WordPress theme <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update vulnerability

WordPress Eco Nature - Environment & Ecology WordPress theme = 2.0.4 - Missing Authorization to Authenticated Subscriber+ Limited Options Update vulnerability discovered by Lucio Sá in WordPress Theme Eco Nature versions = 2.0.4...

CVE-2025-0952 Eco Nature - Environment & Ecology WordPress Theme <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

The Eco Nature - Environment & Ecology WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cmsmastershideadminnotice' AJAX action in all versions up to, and including, 2.0.4. This mak...

WordPress plugin Eco Nature - Environment & Ecology 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

CVE-2025-23454

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in flashmaniac Nature FlipBook vertical-diamond-flipbook-flash allows Reflected XSS.This issue affects Nature FlipBook: from n/a through = 1.7...

CVE-2025-23454

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in flashmaniac Nature FlipBook vertical-diamond-flipbook-flash allows Reflected XSS.This issue affects Nature FlipBook: from n/a through = 1.7...

CVE-2025-23454 WordPress Nature FlipBook WordPress Plugin plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in flashmaniac Nature FlipBook vertical-diamond-flipbook-flash allows Reflected XSS.This issue affects Nature FlipBook: from n/a through = 1.7...

CVE-2025-23454

CVE-2025-23454 affects the Nature FlipBook WordPress Plugin. The vulnerability is a Reflected XSS caused by improper neutralization of input during web page generation, affecting plugin versions up to 1.7. CVSS v3.1 base score 7.1 (HIGH) with network access, no privileges required, user interacti...

CVE-2025-23454 WordPress Nature FlipBook WordPress Plugin plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in flashmaniac Nature FlipBook vertical-diamond-flipbook-flash allows Reflected XSS.This issue affects Nature FlipBook: from n/a through = 1.7...

PT-2025-4887 · Unknown · Nature Flipbook

Name of the Vulnerable Software and Affected Versions: Nature FlipBook versions n/a through 1.7 Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected Cross-site Scripting XSS. This means an attacker can inject malicious script...

WordPress plugin Nature FlipBook 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Nature FlipBook WordPress Plugin plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Nature FlipBook versions = 1.7...