EUVD-2025-18239

Malicious code in bioql PyPI...

EUVD-2025-18233

Malicious code in bioql PyPI...

CVE-2025-4586

The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irmcalendarview' shortcode in all versions up to, and including, 1.2.19 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-4585

The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irmflat' shortcode in all versions up to, and including, 1.2.19 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-4584

The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irmeventlist' shortcode in all versions up to, and including, 1.2.19 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

WordPress IRM Newsroom plugin <= 1.2.19 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Chuck in WordPress Plugin IRM Newsroom versions = 1.2.19...

CVE-2025-4585

The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irmflat' shortcode in all versions up to, and including, 1.2.17 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-4584

The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irmeventlist' shortcode in all versions up to, and including, 1.2.17 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2025-4585

The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irmflat' shortcode in all versions up to, and including, 1.2.19 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-4586

The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irmcalendarview' shortcode in all versions up to, and including, 1.2.17 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-4586 IRM Newsroom <= 1.2.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'irmcalendarview' Shortcode

The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irmcalendarview' shortcode in all versions up to, and including, 1.2.19 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-4584 IRM Newsroom <= 1.2.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'irmeventlist' Shortcode

The IRM Newsroom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'irmeventlist' shortcode in all versions up to, and including, 1.2.19 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

PT-2025-25370 · WordPress · Irm Newsroom

Name of the Vulnerable Software and Affected Versions: IRM Newsroom plugin for WordPress versions up to, and including, 1.2.17 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'irmflat' shortcode due to insufficient input sanitization and output escaping on...

PT-2025-25371 · WordPress · Irm Newsroom

Name of the Vulnerable Software and Affected Versions: IRM Newsroom plugin for WordPress versions up to, and including, 1.2.17 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'irmcalendarview' shortcode due to insufficient input sanitization and output escaping o...

PT-2025-25369 · WordPress · Irm Newsroom

Name of the Vulnerable Software and Affected Versions: IRM Newsroom plugin for WordPress versions 1.2.17 and earlier Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'irmeventlist' shortcode due to insufficient input sanitization and output escaping on user-suppli...