EUVD-2025-14748

Malicious code in bioql PyPI...

CVE-2023-41863

Unauth. Stored Cross-Site Scripting XSS vulnerability in Pepro Dev. Group PeproDev CF7 Database plugin = 1.7.0 versions...

CVE-2024-49298

CVE-2024-49298 is a stored cross-site scripting (XSS) vulnerability in the PeproDev Ultimate Invoice WordPress plugin (versions up to 2.0.6). The issue stems from improper neutralization of input during web page generation, enabling stored XSS. The vulnerability affects PeproDev Ultimate Invoice ...

CVE-2023-41864

Cross-Site Request Forgery CSRF vulnerability in Pepro Dev. Group PeproDev CF7 Database.This issue affects PeproDev CF7 Database: from n/a through 1.8.0...

CVE-2023-41864

Technical details for CVE-2023-41864 are not provided in the supplied documents; no affected products/versions or mitigations are specified here—monitor for updates.

CVE-2024-32518

Missing Authorization vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.0...

CVE-2024-32518

CVE-2024-32518 is a Missing Authorization vulnerability affecting PeproDev Ultimate Invoice (WordPress plugin). Public details indicate impact on PeproDev Ultimate Invoice versions up to 2.0.0. Red Hat and Wordfence entries corroborate the vulnerability and note it has been patched; specific fixe...

CVE-2024-25933

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7...

Cross site scripting

Unauth. Stored Cross-Site Scripting XSS vulnerability in Pepro Dev. Group PeproDev CF7 Database plugin = 1.7.0 versions...

CVE-2023-41863

CVE-2023-41863 affects the WordPress plugin PeproDev CF7 Database (≤ 1.7.0). The vulnerability is an unauthenticated Stored Cross-Site Scripting (XSS) via form submission, as detailed in Patchstack and corroborated by Wordfence listings. Impact is XSS execution impacting site visitors; exploitati...