43 matches found
EUVD-2011-4982
Malware in sbrugna...
EUVD-2024-54096
Malicious code in bioql PyPI...
EUVD-2025-5614
Malicious code in bioql PyPI...
EUVD-2024-45765
Malicious code in bioql PyPI...
EUVD-2024-29133
Malicious code in bioql PyPI...
EUVD-2024-50960
Malicious code in bioql PyPI...
CVE-2024-12563
The s2Member Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 250214 via the 'template' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the...
CVE-2024-12563 s2Member Pro <= 250214 - Authenticated (Contributor+) Local File Inclusion to Remote Code Execution via Shortcode
The s2Member Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 250214 via the 'template' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the...
CVE-2024-12563 s2Member Pro <= 250214 - Authenticated (Contributor+) Local File Inclusion to Remote Code Execution via Shortcode
The s2Member Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 250214 via the 'template' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the...
CVE-2024-12563
CVE-2024-12563 (s2Member Pro) affects WordPress s2Member Pro
WordPress s2Member Pro plugin <= 250214 - Authenticated (Contributor+) Local File Inclusion to Remote Code Execution via Shortcode vulnerability
Authenticated Contributor+ Local File Inclusion to Remote Code Execution via Shortcode vulnerability discovered by István Márton in WordPress Plugin s2Member Pro versions = 250214...
WordPress plugin s2Member Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2025-26879
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristián Lávaque s2Member s2member allows Reflected XSS.This issue affects s2Member: from n/a through = 241216...
CVE-2025-26879
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristián Lávaque s2Member s2member allows Reflected XSS.This issue affects s2Member: from n/a through = 241216...
CVE-2025-26879
CVE-2025-26879 is a Reflected Cross‑Site Scripting (XSS) vulnerability affecting the WordPress plugin s2Member (Pro, up to build 241216). The issue arises from improper input neutralization during web page generation, enabling a reflected XSS payload to be executed in the context of a user’s brow...
WordPress plugin s2Member Pro 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
CVE-2024-12562
The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via deserialization of untrusted input from the 's2memberproremoteop' vulnerable parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No know...
CVE-2024-12562
The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via deserialization of untrusted input from the 's2memberproremoteop' vulnerable parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No know...
CVE-2024-12562
The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via deserialization of untrusted input from the 's2memberproremoteop' vulnerable parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No know...
CVE-2024-12562 s2Member Pro <= 241216 - Unauthenticated PHP Object Injection
The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via deserialization of untrusted input from the 's2memberproremoteop' vulnerable parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No know...