665 matches found
PT-2025-46277
Name of the Vulnerable Software and Affected Versions USB Qr Code Scanner For Woocommerce plugin for WordPress versions prior to 1.0.1 Description The USB Qr Code Scanner For Woocommerce plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is a result of a lack of nonce...
CVE-2025-12175
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'tecqrcodemodal' AJAX endpoint in all versions up to, and including, 6.15.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to vi...
CVE-2025-12175 The Events Calendar <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code Exposure
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'tecqrcodemodal' AJAX endpoint in all versions up to, and including, 6.15.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to vi...
EUVD-2025-37314
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'tecqrcodemodal' AJAX endpoint in all versions up to, and including, 6.15.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to vi...
PT-2025-44592
Name of the Vulnerable Software and Affected Versions The Events Calendar plugin for WordPress versions through 6.15.9 Description The The Events Calendar plugin for WordPress is susceptible to unauthorized access. A missing capability check on the tec qr code modal API endpoint allows...
CVE-2025-10041
The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesaveqrcodetodb function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...
CVE-2025-10041
The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesaveqrcodetodb function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...
CVE-2025-10041
The CVE-2025-10041 entry concerns the Flex QR Code Generator WordPress plugin. Affected versions include all up to and including 1.2.5, where missing file type validation in the save_qr_code_to_db() function allows unauthenticated arbitrary file uploads, potentially enabling remote code execution...
EUVD-2025-34561
The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesaveqrcodetodb function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...
WordPress Flex QR Code Generator plugin <= 1.2.5 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by johska in WordPress Plugin Flex QR Code Generator versions = 1.2.5...
WordPress plugin Flex QR Code Generator 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
Malicious code in qr-code-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6749d8eadfe0585d427c6322c10d15c81e3e58171b08a31de2a4abbaddfb9264 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-32976
Malicious code in qr-code-demo npm...
Malicious Package
Overview qr-code-demo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-48038 Malicious code in qr-code-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6749d8eadfe0585d427c6322c10d15c81e3e58171b08a31de2a4abbaddfb9264 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2018-15686
Malware in sbrugna...
EUVD-2019-7478
Malware in sbrugna...
EUVD-2019-4402
Malware in sbrugna...
EUVD-2013-4717
Malware in sbrugna...
EUVD-2018-15685
Malware in sbrugna...