CVE-2025-66107 WordPress Subscriptions & Memberships for PayPal plugin <= 1.1.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Scott Paterson Subscriptions & Memberships for PayPal subscriptions-memberships-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscriptions & Memberships for PayPal: from n/a through = 1.1.7...

EUVD-2023-28448

Malicious code in bioql PyPI...

CVE-2025-54684 WordPress Integration for Contact Form 7 and Constant Contact Plugin plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRM Perks Integration for Contact Form 7 and Constant Contact cf7-constant-contact allows Stored XSS.This issue affects Integration for Contact Form 7 and Constant Contact: from n/a through = 1.1.7...

WordPress CP Reservation Calendar Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation, and CP Reservation Calendar is one of the event calendar plugins. A SQL injection vulnerability exists in the dexreservations.php script in version 1.1.7 of the WordPress CP Reservation...