24 matches found
EUVD-2025-5398
Malicious code in bioql PyPI...
EUVD-2025-10750
Malicious code in bioql PyPI...
EUVD-2025-9776
Malicious code in bioql PyPI...
EUVD-2025-11611
Malicious code in bioql PyPI...
EUVD-2025-17133
Malicious code in bioql PyPI...
CVE-2025-49075
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Wishlist wishlist allows Stored XSS.This issue affects Wishlist: from n/a through = 1.0.43...
CVE-2025-49075
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Wishlist wishlist allows Stored XSS.This issue affects Wishlist: from n/a through = 1.0.43...
CVE-2025-49075
CVE-2025-49075: WordPress Wishlist plugin
PT-2025-24093 · Pickplugins · Pickplugins Wishlist
Name of the Vulnerable Software and Affected Versions: PickPlugins Wishlist versions 1.0.43 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For...
CVE-2025-24655
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Wishlist wishlist allows Reflected XSS.This issue affects Wishlist: from n/a through = 1.0.39...
CVE-2025-24655
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Wishlist wishlist allows Reflected XSS.This issue affects Wishlist: from n/a through = 1.0.39...
PT-2025-17044 · WordPress · Pickplugins Wishlist
Name of the Vulnerable Software and Affected Versions: PickPlugins Wishlist versions 1.0.0 through 1.0.39 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers ...
CVE-2025-32618
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PickPlugins Wishlist wishlist allows SQL Injection.This issue affects Wishlist: from n/a through = 1.0.46...
CVE-2025-32618 WordPress Wishlist plugin <= 1.0.46 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PickPlugins Wishlist wishlist allows SQL Injection.This issue affects Wishlist: from n/a through = 1.0.46...
CVE-2025-32618
CVE-2025-32618 affects the Wishlist WordPress plugin. An authenticated (Subscriber+) SQL Injection exists due to improper input handling in Wishlist, affecting versions up to 1.0.44 (per Wordfence; initial doc cites 1.0.43). CVSS v3.1 base score 8.5 (HIGH). Remediation: update Wishlist to a patch...
PT-2025-16086 · Pickplugins · Pickplugins Wishlist
Name of the Vulnerable Software and Affected Versions: PickPlugins Wishlist versions 1.0.43 and earlier Description: The issue is related to the improper neutralization of special elements used in an SQL command, also known as 'SQL Injection'. This allows for SQL Injection in PickPlugins Wishlist...
CVE-2025-32272
Cross-Site Request Forgery CSRF vulnerability in PickPlugins Wishlist wishlist allows Cross Site Request Forgery.This issue affects Wishlist: from n/a through = 1.0.46...
CVE-2025-32272
Cross-Site Request Forgery CSRF vulnerability in PickPlugins Wishlist wishlist allows Cross Site Request Forgery.This issue affects Wishlist: from n/a through = 1.0.46...
PT-2025-15026 · Pickplugins · Pickplugins Wishlist
Name of the Vulnerable Software and Affected Versions: PickPlugins Wishlist versions 1.0.44 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For versions 1.0.44 and...
CVE-2025-26915
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in PickPlugins Wishlist wishlist allows SQL Injection.This issue affects Wishlist: from n/a through = 1.0.41...