EUVD-2024-33396

The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpdmpppaylink shortcode in all versions up to, and including, 5.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This...

CVE-2023-4293

The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmppupdateprofile' function. This makes it possible for authenticated attackers, with minimal...

EUVD-2024-45918

Malicious code in bioql PyPI...

EUVD-2025-17234

Malicious code in bioql PyPI...

EUVD-2025-3854

Malicious code in bioql PyPI...

EUVD-2025-24914

Malicious code in bioql PyPI...

EUVD-2024-26898

Malicious code in bioql PyPI...

EUVD-2024-33760

Malicious code in bioql PyPI...

CVE-2025-54732

Cross-Site Request Forgery CSRF vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages allows Cross Site Request Forgery.This issue affects WPDM – Premium Packages: from n/a through = 6.0.2...

CVE-2025-54732

Cross-Site Request Forgery CSRF vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages allows Cross Site Request Forgery.This issue affects WPDM – Premium Packages: from n/a through = 6.0.2...

CVE-2025-54732 WordPress WPDM – Premium Packages Plugin <= 6.0.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Shahjada WPDM – Premium Packages allows Cross Site Request Forgery. This issue affects WPDM – Premium Packages: from n/a through 6.0.2...

CVE-2025-54732 WordPress WPDM – Premium Packages Plugin <= 6.0.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages allows Cross Site Request Forgery.This issue affects WPDM – Premium Packages: from n/a through = 6.0.2...

CVE-2025-54732

CVE-2025-54732 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WPDM – Premium Packages, affecting versions up to 6.0.2. The issue could allow actions to be performed on behalf of an authenticated user. Remediation: upgrade to a version later than 6.0.2 (fixed i...

WordPress WPDM – Premium Packages Plugin <= 6.0.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Mika in WordPress Plugin WPDM – Premium Packages versions = 6.0.2...

PT-2025-33389 · Unknown · Shahjada Wpdm – Premium Packages

Name of the Vulnerable Software and Affected Versions: Shahjada WPDM – Premium Packages versions through 6.0.2 Description: The software contains a Cross-Site Request Forgery CSRF flaw. This issue allows attackers to perform actions on behalf of authenticated users. Recommendations: Update Shahja...

WordPress plugin WPDM – Premium Packages 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2025-30991

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages allows Stored XSS.This issue affects WPDM – Premium Packages: from n/a through = 6.0.6...

CVE-2025-30991

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages allows Stored XSS.This issue affects WPDM – Premium Packages: from n/a through = 6.0.6...

CVE-2025-30991

CVE-2025-30991 is a stored XSS in Premium Packages (WPDM Premium Packages) for WordPress, caused by improper input neutralization during web page generation. Affected: Premium Packages until 6.0.2. Exploitation context and user interaction: requires authentication (per Wordfence). Patch status: U...

CVE-2025-30991 WordPress Premium Packages plugin <= 6.0.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages allows Stored XSS.This issue affects WPDM – Premium Packages: from n/a through = 6.0.6...