466 matches found
EUVD-2023-50048
Malicious code in bioql PyPI...
EUVD-2023-38282
Malicious code in bioql PyPI...
EUVD-2024-43301
Malicious code in bioql PyPI...
EUVD-2022-50348
Malicious code in bioql PyPI...
EUVD-2024-26148
Malicious code in bioql PyPI...
EUVD-2023-51749
Malicious code in bioql PyPI...
EUVD-2024-40432
Malicious code in bioql PyPI...
EUVD-2024-40462
Malicious code in bioql PyPI...
MAL-2025-47898 Malicious code in @peterwiener/hoodle-plugins-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d6054e60226e11fc8823a0f2c40c7e12ac3bc01084f133848165156c128e777b The OpenSSF Package Analysis project identified '@peterwiener/hoodle-plugins-manager' @ 0.5.0 npm as malicious. It is considered malicious...
Can you disappear online? (Lock and Code S06E19)
This week on the Lock and Code podcast There's more about you online than you know. The company Acxiom, for example, has probably determined whether you’re a heavy drinker, or if you're overweight, or if you smoke or all three. The same company has also probably estimated—to the exact dollar—the...
WordPress Simple User Registration plugin <= 6.8 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Peter Thaleikis in WordPress Plugin Simple User Registration versions = 6.8...
WordPress Essential Addons for Elementor plugin <= 6.2.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Essential Addons for Elementor versions = 6.2.4...
WordPress Blogger Buzz Theme theme <= 1.2.6 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Theme Blogger Buzz versions = 1.2.6...
WordPress Educenter plugin <= 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Theme Educenter versions = 1.6.2...
WordPress Osom Blocks plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via classname Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Osom Blocks versions = 1.2.1...
WordPress Post Carousel Slider for Elementor plugin <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function vulnerability
Authenticated Subscriber+ Missing Authorization via processwbelpspromoform Function vulnerability discovered by Peter Thaleikis in WordPress Plugin Post Carousel Slider for Elementor versions = 1.6.0...
WordPress Hello FSE Blog theme <= 1.0.6 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Peter Thaleikis in WordPress Theme Hello FSE Blog versions = 1.0.6...
WordPress Spark Multipurpose theme <= 1.0.7 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Theme Spark Multipurpose versions = 1.0.7...
WordPress Fitness Park theme <= 1.1.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Theme Fitness Park versions = 1.1.1...
WordPress Hello FSE Blog Theme <= 1.0.6 is vulnerable to Broken Access Control
Software Hello FSE Blog Type Theme Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-49970 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 248511ebb594 Credits Peter Thaleikis Required privileg...