1398 matches found
EUVD-2023-44796
Malicious code in bioql PyPI...
EUVD-2024-49946
Malicious code in bioql PyPI...
EUVD-2024-17076
Malicious code in bioql PyPI...
EUVD-2024-32993
Malicious code in bioql PyPI...
EUVD-2023-34897
Malicious code in bioql PyPI...
EUVD-2023-29403
Malicious code in bioql PyPI...
EUVD-2025-12491
Malicious code in bioql PyPI...
WordPress Referral Link Tracker plugin <= 1.1.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Referral Link Tracker versions = 1.1.4...
CVE-2025-57950
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Glen Scott Plugin Security Scanner plugin-security-scanner allows Stored XSS.This issue affects Plugin Security Scanner: from n/a through = 2.0.2...
WordPress GD bbPress Tools Plugin <= 3.5.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin GD bbPress Tools versions = 3.5.3...
CVE-2025-57950
CVE-2025-57950 corresponds to a Stored XSS in the WordPress Plugin Security Scanner (Plugin Security Scanner) affecting versions up to 2.0.2. The connected Wordfence detail indicates the vulnerability is authenticated (Administrator+) and scored Medium, with a CVSS v3.1 base score of 5.9 (vector:...
PT-2025-38800
Name of the Vulnerable Software and Affected Versions Glen Scott Plugin Security Scanner versions through 2.0.2 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that malicious scrip...
WordPress plugin Plugin Security Scanner 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin Accordion 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A lack of authorization vulnerability exists in the WordPress plugin Accordion, which can be...
CVE-2025-0763
The Ultimate Classified Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the savecustomfields function in all versions up to, and including, 1.7. This makes it possible for authenticated attackers, with Subscriber-level access a...
CVE-2025-58876
CVE-2025-58876 is a Stored XSS in the WordPress plugin “Aparat Video Shortcode”. Affected versions are up to 0.2.4 (reported as: Aparat Video Shortcode: from n/a through 0.2.4). The underlying issue is improper input neutralization during web page generation, enabling stored cross-site scripting....
CVE-2025-58123 Lack of TLS validation in plugin BGP Monitoring on Checkmk Exchange
Improper Certificate Validation in Checkmk Exchange plugin BGP Monitoring allows attackers in MitM position to intercept traffic...
CVE-2025-49426 WordPress Kitring Theme <= 2.8 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dahz Kitring kitring allows PHP Local File Inclusion.This issue affects Kitring: from n/a through = 2.8...
CVE-2025-53993 WordPress JetPopup plugin <= 2.0.15 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup jet-popup allows Retrieve Embedded Sensitive Data.This issue affects JetPopup: from n/a through = 2.0.15...
WordPress Online Booking & Scheduling Calendar for WordPress by vcita Plugin <= 4.5.3 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by Que Thanh Tuan Blue Rock in WordPress Plugin Online Booking & Scheduling Calendar for WordPress by vcita versions = 4.5.3...