EUVD-2024-44217

Malicious code in bioql PyPI...

EUVD-2024-28429

Malicious code in bioql PyPI...

CVE-2024-30509

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Artbees SellKit allows Relative Path Traversal.This issue affects SellKit: from n/a through 1.8.1...

CVE-2024-4608

The SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-4608

The SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-4608

The SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-4608 SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-4608

CVE-2024-4608 affects the SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster (WordPress). It is a Stored Cross-Site Scripting vulnerability in the id parameter in all versions up to and including 1.9.8, due to insufficient input sanitization and output escaping. ...

CVE-2024-4608 SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it...

WordPress SellKit plugin <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by stealthcopter in WordPress Plugin SellKit versions = 1.9.8...

WordPress plugin SellKit security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress SellKit Plugin <= 1.9.8 is vulnerable to Cross Site Scripting (XSS)

Software SellKit Type Plugin Vulnerable versions = 1.9.8 Fixed in 2.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4608 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 02ac2d093fda Credits stealthcopter Required privilege...

SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

Description The SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. Thi...

PT-2024-31899 · WordPress · The Sellkit

Name of the Vulnerable Software and Affected Versions: The SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress versions up to, and including, 1.9.8 Description: The issue is related to Stored Cross-Site Scripting via the id parameter due to...

CVE-2024-30509

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Artbees SellKit allows Relative Path Traversal.This issue affects SellKit: from n/a through 1.8.1...

CVE-2024-30509 WordPress SellKit plugin <= 1.8.1 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Artbees SellKit allows Relative Path Traversal.This issue affects SellKit: from n/a through 1.8.1...

CVE-2024-30509

CVE-2024-30509 corresponds to a WordPress SellKit vulnerability (

CVE-2024-30509 WordPress SellKit plugin <= 1.8.1 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Artbees SellKit allows Relative Path Traversal.This issue affects SellKit: from n/a through 1.8.1...

WordPress plugin SellKit 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

SellKit < 1.8.3 - Authenticated (Subscriber+) Arbitrary File Download

Description The SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 1.8.1. This is due to insufficient file validation in the handlefiledownload function. This mak...