8 matches found
CVE-2026-24538
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in omnipressteam Omnipress omnipress allows PHP Local File Inclusion.This issue affects Omnipress: from n/a through = 1.6.7...
EUVD-2025-19352
Malicious code in bioql PyPI...
EUVD-2024-43344
Malicious code in bioql PyPI...
CVE-2025-53276
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omnipressteam Omnipress omnipress allows DOM-Based XSS.This issue affects Omnipress: from n/a through = 1.6.4...
CVE-2025-53276
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omnipressteam Omnipress omnipress allows DOM-Based XSS.This issue affects Omnipress: from n/a through = 1.6.4...
CVE-2025-53276 WordPress Omnipress plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omnipressteam Omnipress omnipress allows DOM-Based XSS.This issue affects Omnipress: from n/a through = 1.6.4...
CVE-2024-49278
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a through = 1.4.3...
CVE-2024-13407 Omnipress <= 1.5.4 - Authenticated (Contributor+) Post Disclosure
The Omnipress plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.4 via the megamenu block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above,...