EUVD-2025-5903

Malicious code in bioql PyPI...

WordPress Plugin Page Builder by SiteOrigin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

WordPress Plugin Page Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

WordPress Plugin Page Builder Sandwich Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Plugin Page Restrict Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Plugin Page Restrict Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

MapPress < 2.88.17 - Contributor+ Stored XSS via Map Settings

Description The plugin is vulnerable to Stored Cross-Site Scripting via the width and height parameters, allowing with contributor access and above to perform Stored XSS attacks - Go to Plugin’s page /wp-admin/admin.php?page=mappressmaps - Add New Map and search any location you want. - Add XSS...

WordPress Plugin Page Builder: Live Composer Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

WordPress Plugin Page Generator SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...

PT-2023-11511 · Unknown · Emlog Emlogcms

Name of the Vulnerable Software and Affected Versions: Emlog EmlogCMS version 6.0.0 Description: A remote attacker can gain access to sensitive information via the "/admin/plugin.php" function. This issue allows unauthorized access, potentially leading to data breaches. Recommendations: For Emlog...

WordPress Plugin Page Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress Download Manager 3.2.43 Cross Site Scripting

Exploit Title: Download Manager Cross-Site Scripting Date: 2022-06-16 Exploit Author : Andrea Bocchetti Vendor Homepage : https://wordpress.org/plugins/download-manager/ Version : = 3.2.43 Tested on: windows CVE : CVE-2022-2101 Description 1- Login in the plugin page 2- add the xss payload in the...

New Relic: CSTI at Plugin page leading to active stored XSS (Publisher name)

Hey team, I have discovered the CSTI vulnerability at NR single Plugin page leading to stored XSS. To plant the payload you need to publish new plugin using account having the payload inside its name. Below I show you the easiest way to reproduce this using a python script which creates the new...

UBUNTU-CVE-2016-9998

SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/infoplugin.php involving the $plugin parameter, as demonstrated by a /ecrire/?exec=infoplugin URL...

WordPress WP-FaceThumb Gallery 0.1 Cross Site Scripting

Wordpress WP-FaceThumb Gallery Plugin Description: This plugin allows your visitor to take a snapshot whith a webcam and the thumb is display on your sidebar. The visitor indicate his pseudo and can let an URL which will be link to the thumb...

WordPress Plugin Page Flip Image Gallery 0.2.2 - Remote File Disclosure

WordPress Plugin Page Flip Image Gallery 0.2.2 - Remote File Disclosure | | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | Wordpress Plugin Page Flip Image Gallery = 0.2.2 Remote File Disclosure Vulnerability D :...

WordPress Plugin Page Flip Image Gallery 0.2.2 - Remote File Disclosure

| | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | Wordpress Plugin Page Flip Image Gallery = 0.2.2 Remote File Disclosure Vulnerability D : http://downloads.wordpress.org/plugin/page-flip-image-gallery.0.2.2.zip Poc :...