EUVD-2025-11670

Malicious code in bioql PyPI...

EUVD-2025-30722

Malicious code in bioql PyPI...

CVE-2025-57914

Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...

WordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Deliver via Shipos for WooCommerce versions = 3.0.2...

CVE-2025-57914

Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...

CVE-2025-57914 WordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...

CVE-2025-57914 WordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...

CVE-2025-57914

CVE-2025-57914 : CSRF flaw in Deliver via Shipos for WooCommerce (Matat Technologies) affects the Deliver via Shipos for WooCommerce plugin up to version 3.0.2. The description confirms a Cross-Site Request Forgery vulnerability, but the provided documents do not supply exploitation details, affe...

WordPress plugin Deliver via Shipos for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that provides the ability to host a personal blog site on a PHP and MySQL based server. A cross-site...

PT-2025-38765

Name of the Vulnerable Software and Affected Versions Deliver via Shipos for WooCommerce versions through 3.0.2 Description A Cross-Site Request Forgery CSRF issue exists in Deliver via Shipos for WooCommerce. This allows attackers to perform actions on behalf of authenticated users...

CVE-2025-32533

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Reflected XSS.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 2.1.7...

CVE-2025-32533 WordPress Deliver via Shipos for WooCommerce Plugin <= 2.1.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Reflected XSS.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 2.1.7...

CVE-2025-32533 WordPress Deliver via Shipos for WooCommerce Plugin <= 2.1.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Reflected XSS.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 2.1.7...

CVE-2025-32533

CVE-2025-32533 is a reflected XSS in the WordPress plugin Deliver via Shipos for WooCommerce (Deliver via Shipos for WooCommerce) affecting 2.1.7 and earlier. Root cause: improper neutralization of input during web page generation. Public references (NVD/Red Hat/Wordfence) confirm it as a valid i...

WordPress plugin Deliver via Shipos for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2025-17105 · Woocommerce · Deliver Via Shipos For Woocommerce

Name of the Vulnerable Software and Affected Versions: Deliver via Shipos for WooCommerce versions 2.1.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential...

CVE-2024-12222 Deliver via Shipos for WooCommerce <= 2.1.7 - Reflected Cross-Site Scripting via dvsfw_bulk_label_url Parameter

The Deliver via Shipos for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dvsfwbulklabelurl’ parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2024-12222 Deliver via Shipos for WooCommerce <= 2.1.7 - Reflected Cross-Site Scripting via dvsfw_bulk_label_url Parameter

The Deliver via Shipos for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dvsfwbulklabelurl’ parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2024-12222

CVE-2024-12222 affects Deliver via Shipos for WooCommerce (WordPress) via Reflected XSS in the dvsfw_bulk_label_url parameter, impacting all versions up to 2.1.7. Exploitation requires a user to click a crafted link; attackers can inject scripts in pages that execute in the context of the victim....

WordPress plugin Deliver via Shipos for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...