Malicious code in token-me-uk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a058b653e7a491fdf0c9128b4d2d408c2cdac6a1784adc5f02a0975a0e669eb The CLI in cli.mjs reads its API key from process.env.TOKENMEUKAPIKEY, falling back to process.env.OPENAIAPIKEY and then process.env.ANTHROPICAPIKEY...

CVE-2025-65098

Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI key...

CVE-2025-65098

Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI key...

CVE-2025-23668

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mauricio Urrego ChatGPT Open AI Images & Content for WooCommerce glasses-for-woocommerce allows Reflected XSS.This issue affects ChatGPT Open AI Images & Content for WooCommerce: from n/a through =...

EUVD-2025-200971

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.40.1. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

CVE-2025-12732

CVE-2025-12732 impacts the WordPress plugin “WP Import – Ultimate CSV XML Importer for WordPress” (versions

EUVD-2025-5702

Malicious code in bioql PyPI...

EUVD-2024-48593

Malicious code in bioql PyPI...

Malicious code in azure-open-ai-accelerator (npm)

The package azure-open-ai-accelerator was found to contain malicious code...

MAL-2025-43555 Malicious code in azure-open-ai-accelerator (npm)

The package azure-open-ai-accelerator was found to contain malicious code...

KLA86381 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure OpenAI can be exploited remotely to gain privileges. 2. An elevation of...

CVE-2024-7713

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it...

CVE-2025-23668

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mauricio Urrego ChatGPT Open AI Images & Content for WooCommerce glasses-for-woocommerce allows Reflected XSS.This issue affects ChatGPT Open AI Images & Content for WooCommerce: from n/a through =...

CVE-2025-23668 WordPress ChatGPT Open AI Images & Content for WooCommerce plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound ChatGPT Open AI Images & Content for WooCommerce allows Reflected XSS. This issue affects ChatGPT Open AI Images & Content for WooCommerce: from n/a through 2.2.0...

CVE-2025-23668

CVE-2025-23668 affects the WordPress plugin “ChatGPT Open AI Images & Content for WooCommerce” (NotFound) up to version 2.2.0. The vulnerability is a Reflected Cross-Site Scripting (XSS) due to improper input neutralization during web page generation. Impact is described as cross-site scripting w...

CVE-2025-23668 WordPress ChatGPT Open AI Images & Content for WooCommerce plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mauricio Urrego ChatGPT Open AI Images & Content for WooCommerce glasses-for-woocommerce allows Reflected XSS.This issue affects ChatGPT Open AI Images & Content for WooCommerce: from n/a through =...

WordPress plugin ChatGPT Open AI Images & Content for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

CVE-2024-7713

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it...

CVE-2024-7713 AI Chatbot with ChatGPT by AYS <= 2.0.9 - Unauthenticated OpenAI Key Disclosure

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it...

CVE-2024-7713

CVE-2024-7713 affects the WordPress plugin “AI ChatBot with ChatGPT and Content Generator by AYS” (versions before 2.1.0). The vulnerability allows unauthenticated users to disclose the OpenAI API Key, exposing sensitive credentials and potentially enabling misuse of the API key. Multiple connect...