9 matches found
EUVD-2025-210232
Unauthenticated Local File Inclusion in Quirky = 1.23 versions...
Malicious code in quirky-token (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b263413912feb72882ee0b52e7025c636ed98472ba90e6db4714b3b111b4e2e8 The package is advertised as an SVG sanitizer but exposes an undocumented getPlugin export whose returned function fetches JSON from...
MAL-2026-6066 Malicious code in quirky-token (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b263413912feb72882ee0b52e7025c636ed98472ba90e6db4714b3b111b4e2e8 The package is advertised as an SVG sanitizer but exposes an undocumented getPlugin export whose returned function fetches JSON from...
CVE-2025-69148
Unauthenticated Local File Inclusion in Quirky = 1.23 versions...
CVE-2025-69148 WordPress Quirky theme <= 1.23 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Quirky = 1.23 versions...
CVE-2025-69148
Technical details about CVE-2025-69148 (WordPress quirky theme Local File Inclusion) are not provided in the connected documents. Monitor for updates; no vendor/product/version/remediation specifics are disclosed here.
WordPress Quirky theme <= 1.23 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Quirky versions = 1.23...
EUVD-2007-3234
Malware in sbrugna...
Sql injection
SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug."...