EUVD-2024-32960

Malicious code in bioql PyPI...

EUVD-2025-19401

Malicious code in bioql PyPI...

CVE-2025-53273

Cross-Site Request Forgery CSRF vulnerability in Slickstream Slickstream slick-engagement allows Cross Site Request Forgery.This issue affects Slickstream: from n/a through = 2.0.3...

WordPress Slickstream plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Slickstream versions = 2.0.3...

CVE-2025-53273

Cross-Site Request Forgery CSRF vulnerability in Slickstream Slickstream slick-engagement allows Cross Site Request Forgery.This issue affects Slickstream: from n/a through = 2.0.3...

CVE-2025-53273 WordPress Slickstream plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Slickstream Slickstream slick-engagement allows Cross Site Request Forgery.This issue affects Slickstream: from n/a through = 2.0.3...

CVE-2025-53273 WordPress Slickstream plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Slickstream Slickstream allows Cross Site Request Forgery. This issue affects Slickstream: from n/a through 2.0.3...

CVE-2025-53273

CVE-2025-53273 concerns the WordPress plugin Slickstream (versions n/a through 2.0.3). The vulnerability is a Cross-Site Request Forgery (CSRF) that could enable an attacker to perform unauthorized actions within a user’s authenticated session. The initial metrics indicate a CVSS v3.1 base score ...

WordPress plugin Slickstream 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2025-27180 · Unknown · Slickstream

Name of the Vulnerable Software and Affected Versions: Slickstream versions n/a through 2.0.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attack where an attacker tricks ...

CVE-2024-10179

The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slick-grid shortcode in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-10179

The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slick-grid shortcode in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-10179 Slickstream: Engagement and Conversions <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via slick-grid Shortcode

The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slick-grid shortcode in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-10179 Slickstream: Engagement and Conversions <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via slick-grid Shortcode

The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slick-grid shortcode in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-10179

CVE-2024-10179 (Slickstream: Engagement and Conversions) — The WordPress Slickstream plugin is vulnerable to Stored XSS via the slick-grid shortcode in versions up to 1.4.4 due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authenticated ...

WordPress Slickstream plugin <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via slick-grid Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via slick-grid Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Slickstream versions = 1.4.4...

WordPress Slickstream Plugin <= 1.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Slickstream Type Plugin Vulnerable versions = 1.4.4 Fixed in 2.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10179 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 483fb63a8894 Credits Peter Thaleikis Required...

WordPress plugin Slickstream: Engagement and Conversions 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

PT-2024-16093 · WordPress · Slickstream

Name of the Vulnerable Software and Affected Versions: Slickstream: Engagement and Conversions plugin for WordPress versions up to, and including, 1.4.4 Description: The issue is related to Stored Cross-Site Scripting via the plugin's slick-grid shortcode due to insufficient input sanitization an...