27 matches found
CVE-2026-41659
Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...
EUVD-2026-28270
Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...
EUVD-2025-198754
Malicious code in @actbase/react-daum-postcode npm...
MAL-2025-190708 Malicious code in @actbase/react-daum-postcode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b6730961ddc6bcfd14bc8564e2a8ef3d34d757e1ffae65ed7ff88232e115104 The package @actbase/react-daum-postcode was found to contain malicious code. Source: ghsa-malware...
EUVD-2023-29679
Malicious code in bioql PyPI...
EUVD-2025-30709
Malicious code in bioql PyPI...
CVE-2025-57923
Insertion of Sensitive Information Into Sent Data vulnerability in Ideal Postcodes UK Address Postcode Validation uk-address-postcode-validation allows Retrieve Embedded Sensitive Data.This issue affects UK Address Postcode Validation: from n/a through = 3.9.2...
WordPress UK Address Postcode Validation plugin <= 3.9.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin UK Address Postcode Validation versions = 3.9.2...
CVE-2025-57923
Insertion of Sensitive Information Into Sent Data vulnerability in Ideal Postcodes UK Address Postcode Validation uk-address-postcode-validation allows Retrieve Embedded Sensitive Data.This issue affects UK Address Postcode Validation: from n/a through = 3.9.2...
CVE-2025-57923
CVE-2025-57923 concerns the UK Address Postcode Validation WordPress plugin. The initial description notes an Insertion of Sensitive Information into Sent Data vulnerability that exposes an API key, allowing unauthorized use and depletion of API credits when the default configuration is used. Aff...
CVE-2025-57923 WordPress UK Address Postcode Validation plugin <= 3.9.2 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Ideal Postcodes UK Address Postcode Validation uk-address-postcode-validation allows Retrieve Embedded Sensitive Data.This issue affects UK Address Postcode Validation: from n/a through = 3.9.2...
CVE-2025-57923 WordPress UK Address Postcode Validation Plugin <= 3.9.2 - Sensitive Data Exposure Vulnerability
An Insertion of Sensitive Information into Sent Data vulnerability in the Ideal Postcodes UK Address Postcode Validation WordPress plugin exposes the API key, allowing unauthorized third parties to retrieve and reuse the key across any domain. Since API keys are unrestricted by default, with the...
PT-2025-38774
Name of the Vulnerable Software and Affected Versions Ideal Postcodes UK Address Postcode Validation versions through 3.9.2 Description A flaw exists in the UK Address Postcode Validation software that allows for the retrieval of embedded sensitive data through the insertion of sensitive...
WordPress plugin UK Address Postcode Validation Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
CVE-2023-25782
Auth. admin+ vulnerability in Second2none Service Area Postcode Checker plugin = 2.0.8 versions...
WordPress Postcode Redirect Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Postcode Redirect Type Plugin Vulnerable versions = 4.4.1 Fixed in 5.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2d5e1edfc5f4 Credits Rafie Muhammad Patchstack...
CVE-2023-25782
Auth. admin+ vulnerability in Second2none Service Area Postcode Checker plugin = 2.0.8 versions...
CVE-2023-25782
Auth. admin+ vulnerability in Second2none Service Area Postcode Checker plugin = 2.0.8 versions...
CVE-2023-25782
CVE-2023-25782 affects the WordPress plugin Service Area Postcode Checker ≤ 2.0.8. The issue is an authentication-related Cross‑Site Scripting flaw that can be triggered with admin+ privileges, per CVE and vendor records. Root cause described in related advisories is insufficient sanitization/esc...
WordPress Plugin Service Area Postcode Checker 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...