EUVD-2025-10837

Malicious code in bioql PyPI...

EUVD-2025-10347

Malicious code in bioql PyPI...

EUVD-2025-10838

Malicious code in bioql PyPI...

CVE-2025-2880

The Yame | Link In Bio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in t...

CVE-2025-2881

The Developer Toolbar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in th...

CVE-2025-2841

The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

CVE-2025-2841

CVE-2025-2841 affects Cart66 Cloud for WordPress (up to version 2.3.7). It enables unauthenticated access to phpinfo.php, exposing potentially sensitive information. As per Wordfence, this entry is currently Unpatched; no mitigation details are provided in the supplied docs.

CVE-2025-2882

The GreenPaytm by Green.Money plugin for WordPress is vulnerable to Sensitive Information Exposure in versions between 3.0.0 and 3.0.9 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in th...

CVE-2025-2883 Accept SagePay Payments Using Contact Form 7 <= 2.0 - Unauthenticated Information Exposure

The Accept SagePay Payments Using Contact Form 7 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive...

CVE-2025-2840

The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information...

Mambo Site Server 4.0.11 - PHPInfo.php Information Disclosure

Mambo Site Server 4.0.11 - PHPInfo.php Information Disclosure source: https://www.securityfocus.com/bid/6376/info Mambo Site Server is a freely available, open source web content management tool. It is written in PHP, and available for Unix, Linux, and Microsoft Windows operating systems. It has...

Mambo Site Server 4.0.11 - &#039;PHPInfo.php&#039; Information Disclosure

source: https://www.securityfocus.com/bid/6376/info Mambo Site Server is a freely available, open source web content management tool. It is written in PHP, and available for Unix, Linux, and Microsoft Windows operating systems. It has been reported that Mambo enables a script by default that may...