WordPress Ohio Extra plugin cross-site scripting vulnerability

WordPress Ohio Extra plugin is a free WordPress plugin designed specifically for the OceanWP theme to enhance the theme functionality and improve the site building experience. WordPress Ohio Extra plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of...

WordPress Ohio Extra plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Ohio Extra versions = 3.6.0...

CVE-2025-64365

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colabrio Ohio Extra ohio-extra allows DOM-Based XSS.This issue affects Ohio Extra: from n/a through = 3.6.0...

EUVD-2025-37328

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colabrio Ohio Extra ohio-extra allows DOM-Based XSS.This issue affects Ohio Extra: from n/a through = 3.6.0...

CVE-2025-64365

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colabrio Ohio Extra ohio-extra allows DOM-Based XSS.This issue affects Ohio Extra: from n/a through = 3.6.0...

CVE-2025-64365 WordPress Ohio Extra plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colabrio Ohio Extra ohio-extra allows DOM-Based XSS.This issue affects Ohio Extra: from n/a through = 3.6.0...

CVE-2025-64365

The CVE-2025-64365 entry concerns the WordPress Ohio Extra plugin (for OceanWP) with a DOM-Based XSS flaw present in versions

CVE-2025-64365 WordPress Ohio Extra plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in colabrio Ohio Extra ohio-extra allows DOM-Based XSS.This issue affects Ohio Extra: from n/a through = 3.6.0...

PT-2025-44616

Name of the Vulnerable Software and Affected Versions colabrio Ohio Extra versions through 3.6.0 Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-Site Scripting issue. This allows for the potential execution of...

WordPress Plugin Ohio Extra 跨站脚本漏洞

WordPress Ohio Extra plugin is a free WordPress plugin designed specifically for the OceanWP theme to enhance the theme functionality and improve the site building experience. WordPress Ohio Extra plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of...

EUVD-2020-20450

Malware in sbrugna...

EUVD-2025-7719

Malicious code in bioql PyPI...

Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware

A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer's network with custom malware and deploying a kill switch that locked out employees when his account was disabled. Davis Lu, 55, of Houston, Texas, wa...

Nearly 1M SSNs and Health Records Exposed in Marijuana Patient Database

Ohio Medical Alliance exposed a medical marijuana patient database containing 957,000 records, including SSNs, IDs, health files, and…...

Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database

Nearly a million records, which appear to be linked to a medical-cannabis-card company in Ohio, included Social Security numbers, government IDs, health conditions, and more...

Apple ID scam leads to $27,000 in-person theft of Ohio man

You've probably heard about people scamming from halfway around the world, but sometimes they turn up at your door. That's what happened in May, when 67 year-old Robert Wise of Ohio received a text telling him that his Apple ID had been compromised. It had been used at an Apple store for a $213...

CVE-2020-27958

The Job Composer app in Ohio Supercomputer Center Open OnDemand before 1.7.19 and 1.8.x before 1.8.18 allows remote authenticated users to provide crafted input in a job template...

Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors...

CVE-2025-26924

Improper Control of Generation of Code 'Code Injection' vulnerability in colabrio Ohio Extra ohio-extra allows Code Injection.This issue affects Ohio Extra: from n/a through = 3.4.7...

CVE-2025-26924

Improper Control of Generation of Code 'Code Injection' vulnerability in colabrio Ohio Extra ohio-extra allows Code Injection.This issue affects Ohio Extra: from n/a through = 3.4.7...