MAL-2025-4352 Malicious code in gatsby-plugin-source-map (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf49f8eebef7efd6ec079a3a0196b2b1eaeaf516da7db094412f8d5080f61f0f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass

Entering the URL in browser will give you access to the respective users account. If the wordpress admin user himself...

xml_file

This plugin writes the framework messages to an XML report file. One configurable parameter exists: outputfile Plugin type Output Options Name | Type | Default Value | Description | Help ---|---|---|---|--- outputfile | outputfile | report.xml | File name where this plugin will write to | No...

url_fuzzer

This plugin will try to find new URLs based on the input. If the input is for example: http://a/a.html The plugin will request: http://a/a.html.tgz http://a/a.tgz http://a/a.zip … etc If the response is different from the 404 page whatever it may be, automatic detection is performed, then we have...

digit_sum

This plugin tries to find new URLs by changing the numbers that are present on it. Two configurable parameters exist: fuzzImages maxDigitSections An example will clarify what this plugin does, lets suppose that the input for this plugin is: http://host.tld/index1.asp This plugin will request:...

finger_google

This plugin finds mail addresses in google. Two configurable parameters exist: resultlimit fastsearch If fastsearch is set to False, this plugin searches google for : "@domain.com", requests all search results and parses them in order to find new mail addresses. If the fastsearch configuration...

user_dir

This plugin will try to find user home directories based on the knowledge gained by other plugins, and an internal knowledge base. For example, if the target URL is: http://test/ And other plugins found this valid email accounts: email protected email protected This plugin will request:...

os_commanding

This plugin will find OS commanding vulnerabilities. The detection is performed using two different techniques: Time delays Writing a known file to the HTML output With time delays, the plugin sends specially crafted requests that, if the vulnerability is present, will delay the response for 5...

user_defined_regex

This plugin greps every response for a user defined regex. You can specify a single regex or an entire file of regexes each line one regex, if both are specified, the singleregex will be added to the list of regular expressions extracted from the file. A list of example regular expressions can be...

hmap

This plugin fingerprints the remote web server and tries to determine the server type, version and patch level. It uses fingerprinting, not just the Server header returned by remote server. This plugin is a wrapper for Dustin Lees hmap. One configurable parameters exist: genFpF If genFpF is set t...

xpath

This plugin finds XPATH injections. To find this vulnerabilities the plugin sends the string "dz0" to every injection point, and searches the response for XPATH errors. Plugin type Audit Options This plugin doesnt have any user configured options. Source For more information about this plugin and...