EUVD-2019-2866

Malware in sbrugna...

EUVD-2022-15882

Malicious code in bioql PyPI...

Malicious code in sema-ui-components (npm)

The package sema-ui-components was found to contain malicious code...

MAL-2025-32927 Malicious code in sema-ui-components (npm)

The package sema-ui-components was found to contain malicious code...

CVE-2024-12285

The SEMA API plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘catid’ parameter in all versions up to, and including, 5.27 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

CVE-2022-0836

The SEMA API WordPress plugin before 4.02 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users...

CVE-2019-11162

Insufficient access control in hardware abstraction in SEMA driver for IntelR Computing Improvement Program before version 2.4.0.04733 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access...

CVE-2024-12285 SEMA API <= 5.27 - Reflected Cross-Site Scripting via catid Parameter

The SEMA API plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘catid’ parameter in all versions up to, and including, 5.27 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

CVE-2024-12285 SEMA API <= 5.27 - Reflected Cross-Site Scripting via catid Parameter

The SEMA API plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘catid’ parameter in all versions up to, and including, 5.27 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

CVE-2024-12285

CVE-2024-12285 affects the SEMA API WordPress plugin. It describes a Reflected Cross-Site Scripting vulnerability via the catid parameter caused by insufficient input sanitization and output escaping. Attackers could exploit this without authentication to inject web scripts in pages rendered when...

WordPress SEMA API plugin <= 5.27 - Reflected Cross-Site Scripting via catid Parameter vulnerability

Reflected Cross-Site Scripting via catid Parameter vulnerability discovered by vgo0 in WordPress Plugin SEMA API versions = 5.27...

WordPress plugin SEMA API 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

CVE-2022-0836

The SEMA API WordPress plugin before 4.02 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users...

CVE-2022-0836

The SEMA API WordPress plugin before 4.02 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users...

Sql injection

The SEMA API WordPress plugin before 4.02 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users...

CVE-2022-0836 SEMA API < 4.02 - Unauthenticated SQLi

The SEMA API WordPress plugin before 4.02 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users...

CVE-2022-0836

The CVE-2022-0836 entry concerns the WordPress plugin SEMA API, affected versions prior to 4.02. The issue is an SQL injection caused by improper sanitisation/escaping of parameters used in SQL statements via an AJAX action, exploitable by unauthenticated users. Several connected sources (Red Hat...

PT-2022-13460 · WordPress · Sema Api Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: SEMA API WordPress plugin versions prior to 4.02 Description: The issue arises from the SEMA API WordPress plugin's failure to properly sanitise and escape certain parameters before using them in SQL statements via an AJAX action. This leads ...

WordPress plugin SEMA API SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

SEMA API < 4.02 - Unauthenticated SQLi

The plugin does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users PoC v 3.64: curl http://example.com/wp-admin/admin-ajax.php --data 'action=getsemadata=attributes=-3 UNION ALL...