WordPress Stumble! for WordPress plugin <= 1.1.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Stumble! for WordPress versions = 1.1.1...

EUVD-2021-25671

Malware in sbrugna...

EUVD-2005-4852

Malware in sbrugna...

EUVD-2021-24785

Malware in sbrugna...

EUVD-2021-21303

Malware in sbrugna...

EUVD-2021-24780

Malware in sbrugna...

EUVD-2021-24790

Malware in sbrugna...

EUVD-2022-15529

Malicious code in bioql PyPI...

EUVD-2021-28080

Malicious code in bioql PyPI...

CVE-2022-0380 Fotobook <= 3.2.3 Reflected Cross-Site Scripting

The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3...

CVE-2021-38330 Yet Another bol.com Plugin <= 1.4 Reflected Cross-Site Scripting

The Yet Another bol.com Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /yabp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.4...

Wise Agent Capture Forms <= 1.0 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /WiseAgentCaptureForm.php file which allows attackers to inject arbitrary web scripts...

CVE-2021-34643

The Skaut bazar WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /skaut-bazar.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.3.2...