EUVD-2025-3546

Malicious code in bioql PyPI...

CVE-2025-23637

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fxy060608 新淘客WordPress插件 wp-xintaoke allows Reflected XSS.This issue affects 新淘客WordPress插件: from n/a through = 1.1.2...

CVE-2025-23637

CVE-2025-23637 affects the WordPress plugin 新淘客WordPress插件 up to version 1.1.2. The root cause is Improper Neutralization of Input During Web Page Generation, yielding Reflected XSS in NotFound 新淘客WordPress插件. Reported details confirm a Reflected XSS vulnerability with CVSSv3.1 base score 7.1 (HI...

CVE-2025-23657

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RusAlex WordPress-to-candidate for Salesforce CRM salesforce-wordpress-to-candidate allows Reflected XSS.This issue affects WordPress-to-candidate for Salesforce CRM: from n/a through = 1.0.1...

CVE-2025-23931

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliver Fuhrmann WordPress Local SEO dh-local-seo allows Blind SQL Injection.This issue affects WordPress Local SEO: from n/a through = 2.3...

PT-2025-5117 · WordPress · Notfound Wp Cloud

Name of the Vulnerable Software and Affected Versions: NotFound WP Cloud versions 1.4.3 and earlier Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal', allowing Absolute Path Traversal. This enables unauthorized acce...

CVE-2025-23931

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliver Fuhrmann WordPress Local SEO dh-local-seo allows Blind SQL Injection.This issue affects WordPress Local SEO: from n/a through = 2.3...

CVE-2025-23867

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in markcoker WordPress File Search wpfilesearch allows Reflected XSS.This issue affects WordPress File Search: from n/a through = 1.2...