CVE-2025-62890 WordPress Premmerce Brands for WooCommerce plugin <= 1.2.13 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through = 1.2.13...

CVE-2025-11880

The SM CountDown Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's smcountdown shortcode in versions less than, or equal to, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-48095 WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through = 5.1.8.8...

WordPress Posts By Tag plugin <= 3.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Posts By Tag versions = 3.2.1...

PT-2025-43221

Name of the Vulnerable Software and Affected Versions LeadBI Plugin for WordPress versions through 1.7 Description The LeadBI Plugin for WordPress contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that...

WordPress plugin Theme Editor 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

CVE-2025-10301

The FunKItools plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the saveFields function. This makes it possible for unauthenticated attackers to update plugin settings via a forged...

WordPress Simple Content Templates for Blog Posts & Pages plugin <= 2.2.61 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Simple Content Templates for Blog Posts & Pages versions = 2.2.61...

WordPress Salient Shortcodes plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Salient Shortcodes versions = 1.5.4...

EUVD-2018-3786

Malware in sbrugna...

EUVD-2017-11354

Malware in sbrugna...

WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.17 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abu Hurayra in WordPress Plugin Post Grid and Gutenberg Blocks versions = 2.3.17...

WordPress WP Dispatcher plugin <= 1.2.0 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by theviper17y in WordPress Plugin WP Dispatcher versions = 1.2.0...

EUVD-2023-34912

Malicious code in bioql PyPI...

EUVD-2023-27898

Malicious code in bioql PyPI...

EUVD-2023-26807

Malicious code in bioql PyPI...

EUVD-2022-50368

Malicious code in bioql PyPI...

EUVD-2023-31231

Malicious code in bioql PyPI...

EUVD-2023-29035

Malicious code in bioql PyPI...

EUVD-2023-27817

Malicious code in bioql PyPI...