EUVD-2024-50750

Malicious code in bioql PyPI...

CVE-2024-10690

The Shortcodes for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.4 via the 'SHORTCODEELEMENTOR' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

CVE-2024-13635

The VK Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.94.2.2 via the page content block. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the conten...

CVE-2024-12102 Typer Core <= 1.9.6 - Authenticated (Contributor+) Post Disclosure

The Typer Core plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.6 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level...

Aladdin eToken 3.3.3.x Hardware USB Key Private Data Extraction

@Stake Inc. L0pht Research Labs www.atstake.com www.L0pht.com Security Advisory Advisory Name: eToken Private Information Extraction and Physical Attack Release Date: May 4, 2000 Application: N/A Platform: Aladdin eToken USB Key 3.3.3.x Severity: An attacker can access all private information...