EUVD-2018-5958

Malware in sbrugna...

EUVD-2023-46293

Malicious code in bioql PyPI...

EUVD-2022-4040

Malicious code in bioql PyPI...

EUVD-2022-34694

Malicious code in bioql PyPI...

EUVD-2024-46573

Malicious code in bioql PyPI...

EUVD-2023-50827

Malicious code in bioql PyPI...

EUVD-2022-2144

Malicious code in bioql PyPI...

EUVD-2023-43996

Malicious code in bioql PyPI...

EUVD-2023-51793

Malicious code in bioql PyPI...

CVE-2024-12280

The WP Customer Area WordPress plugin through 8.2.4 does not have CSRF check in place when deleting its logs, which could allow attackers to make a logged in to delete them via a CSRF attack...

CVE-2021-24388

In the VikRentCar Car Rental Management System WordPress plugin before 1.1.7, there is a custom filed option by which we can manage all the fields that the users will have to fill in before saving the order. However, the field name is not sanitised or escaped before being output back in the page,...

CVE-2021-30209

Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions...

CVE-2025-2871

The WordPress Mega Menu – QuadMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the ajaxdismissnotice function. This makes it possible for unauthenticated attackers to update a...

PT-2025-1995 · WordPress · Wp Finance

Name of the Vulnerable Software and Affected Versions: WP Finance WordPress plugin versions 1.3.6 and earlier Description: The issue concerns the lack of CSRF checks in certain areas of the plugin, along with missing sanitization and escaping. This could allow attackers to make logged-in admins a...