2965 matches found
WordPress Quick Interest Slider plugin <= 3.1.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Quick Interest Slider versions = 3.1.5...
CVE-2025-12584
The Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.17 via the 'wqvpopupcontent' AJAX endpoint due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers t...
CVE-2025-12584
The Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.17 via the 'wqvpopupcontent' AJAX endpoint due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers t...
CVE-2025-12584 Quick View for WooCommerce <= 2.2.17 - Unauthenticated Private Product Disclosure
The Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.17 via the 'wqvpopupcontent' AJAX endpoint due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers t...
CVE-2025-12584
The CVE CVE-2025-12584 affects the WordPress plugin Quick View for WooCommerce (versions up to 2.2.17). It exposes information via the wqv_popup_content AJAX endpoint due to insufficient access restrictions, allowing unauthenticated attackers to retrieve data from private products. The vulnerabil...
CVE-2025-12584 Quick View for WooCommerce <= 2.2.17 - Unauthenticated Private Product Disclosure
The Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.17 via the 'wqvpopupcontent' AJAX endpoint due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers t...
WordPress Quick View for WooCommerce plugin <= 2.2.17 - Unauthenticated Private Product Disclosure vulnerability
Unauthenticated Private Product Disclosure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Quick View for WooCommerce versions = 2.2.17...
WordPress Quick Contact Form plugin <= 8.2.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Doan Dinh Van in WordPress Plugin Quick Contact Form versions = 8.2.5...
EUVD-2025-199296
Malicious code in @quick-start-soft/quick-remove-image-background npm...
EUVD-2025-199297
Malicious code in @quick-start-soft/quick-markdown-translator npm...
EUVD-2025-199298
Malicious code in @quick-start-soft/quick-markdown-print npm...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
EUVD-2025-198854
Malicious code in @quick-start-soft/quick-markdown-image npm...
Malicious code in @quick-start-soft/quick-document-translator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4837747658fccdc13c30d5359ffe43e237536140e50412ba0126afa5d6d8e301 The package @quick-start-soft/quick-document-translator was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198858
Malicious code in @quick-start-soft/quick-document-translator npm...
MAL-2025-190819 Malicious code in @quick-start-soft/quick-document-translator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4837747658fccdc13c30d5359ffe43e237536140e50412ba0126afa5d6d8e301 The package @quick-start-soft/quick-document-translator was found to contain malicious code. Source: ghsa-malware...
Malicious code in @quick-start-soft/quick-markdown-compose (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4390993c4dc5c3a55b6da923961e34a8fa5caa1f06de7f3ac1ce24dba811c018 The package @quick-start-soft/quick-markdown-compose was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190822 Malicious code in @quick-start-soft/quick-markdown-compose (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4390993c4dc5c3a55b6da923961e34a8fa5caa1f06de7f3ac1ce24dba811c018 The package @quick-start-soft/quick-markdown-compose was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198855
Malicious code in @quick-start-soft/quick-markdown-compose npm...