254 matches found
CVE-2022-0659
The Sync QCloud COS WordPress plugin before 2.0.1 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2024-2439
The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-2087
The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form name values in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
EUVD-2024-17579
Malicious code in bioql PyPI...
EUVD-2024-46837
Malicious code in bioql PyPI...
EUVD-2024-50161
Malicious code in bioql PyPI...
EUVD-2024-27404
Malicious code in bioql PyPI...
EUVD-2023-54355
Malicious code in bioql PyPI...
EUVD-2024-33338
Malicious code in bioql PyPI...
EUVD-2024-33220
Malicious code in bioql PyPI...
EUVD-2023-12723
Malicious code in bioql PyPI...
EUVD-2024-32557
Malicious code in bioql PyPI...
EUVD-2023-44054
Malicious code in bioql PyPI...
EUVD-2024-32455
Malicious code in bioql PyPI...
EUVD-2024-33819
Malicious code in bioql PyPI...
EUVD-2024-27696
Malicious code in bioql PyPI...
EUVD-2024-51713
Malicious code in bioql PyPI...
EUVD-2022-52050
Malicious code in bioql PyPI...
EUVD-2024-32965
Malicious code in bioql PyPI...
EUVD-2023-57899
Malicious code in bioql PyPI...