38 matches found
Malicious Package
Overview overstock-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview overstock-jenkins is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview overstock-login-layer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview overstock-component-library-v3 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...
Malicious Package
Overview overstock-component-library is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview overstock-health-express is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in overstock-component-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 387cbf7de757b1668d6c0f2c9f81f9beab4f35af6f362c2ee434509070af2e34 The package overstock-component-library was found to contain malicious code. Source: ghsa-malware...
MAL-2026-512 Malicious code in overstock-component-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 387cbf7de757b1668d6c0f2c9f81f9beab4f35af6f362c2ee434509070af2e34 The package overstock-component-library was found to contain malicious code. Source: ghsa-malware...
Malicious code in overstock-login-layer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 359cd99825c90001defddafc25d74d784b4e71a75a8adf92e90f2371dbf8a124 The package overstock-login-layer was found to contain malicious code. Source: ghsa-malware...
MAL-2026-516 Malicious code in overstock-login-layer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 359cd99825c90001defddafc25d74d784b4e71a75a8adf92e90f2371dbf8a124 The package overstock-login-layer was found to contain malicious code. Source: ghsa-malware...
Malicious code in overstock-component-library-v3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3047a2aa0008e3dd53a44ed19238f41540af1763edd48a5db147506a32e6bf77 The package overstock-component-library-v3 was found to contain malicious code. Source: ghsa-malware...
MAL-2026-513 Malicious code in overstock-component-library-v3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3047a2aa0008e3dd53a44ed19238f41540af1763edd48a5db147506a32e6bf77 The package overstock-component-library-v3 was found to contain malicious code. Source: ghsa-malware...
MAL-2026-515 Malicious code in overstock-jenkins (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da8c5441a7b9b1ad7193650b05275dc85626691e1fa1f04bb0f21783fa75673c The package overstock-jenkins was found to contain malicious code. Source: ghsa-malware...
Malicious code in overstock-jenkins (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da8c5441a7b9b1ad7193650b05275dc85626691e1fa1f04bb0f21783fa75673c The package overstock-jenkins was found to contain malicious code. Source: ghsa-malware...
Malicious code in overstock-health-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88927f419aeeb8999fb1b8be70403f14230ba9189e1bde2179b717f55c8c3217 The package overstock-health-express was found to contain malicious code. Source: ghsa-malware...
MAL-2026-514 Malicious code in overstock-health-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88927f419aeeb8999fb1b8be70403f14230ba9189e1bde2179b717f55c8c3217 The package overstock-health-express was found to contain malicious code. Source: ghsa-malware...
WordPress Overstock Affiliate Links plugin <= 1.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Overstock Affiliate Links versions = 1.1...
CVE-2025-13624
The Overstock Affiliate Links plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
EUVD-2025-204626
The Overstock Affiliate Links plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
CVE-2025-13624
The Overstock Affiliate Links plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...