CVE-2023-29438

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eric Martin SimpleModal Contact Form SMCF plugin = 1.2.9 versions...

EUVD-2021-11937

Malware in sbrugna...

EUVD-2022-33750

Malicious code in bioql PyPI...

EUVD-2023-1705

Malicious code in bioql PyPI...

EUVD-2023-40462

Malicious code in bioql PyPI...

CVE-2024-11607

The GTPayment Donations WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

OPENSUSE-SU-2024:13471-1 jcasgen-maven-plugin-3.5.0-1.1 on GA media

These are all security issues fixed in the jcasgen-maven-plugin-3.5.0-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2022-23291 · WordPress · Dmitrylitvinov Uploading Svg

Name of the Vulnerable Software and Affected Versions: dmitrylitvinov Uploading SVG, WEBP and ICO files plugin version 1.0.1 and earlier Description: The issue concerns an Authenticated Arbitrary File Upload vulnerability. This allows attackers to upload malicious files to the system, potentially...