WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.25.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via SQLREPORT Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via SQLREPORT Shortcode vulnerability discovered by Gilang - DJ in WordPress Plugin EZ SQL Reports Shortcode Widget and DB Backup versions = 5.25.11...

EUVD-2010-0779

Malware in sbrugna...

EUVD-2025-19548

Malicious code in bioql PyPI...

EUVD-2025-8385

Malicious code in bioql PyPI...

EUVD-2022-28402

Malicious code in bioql PyPI...

EUVD-2025-8369

Malicious code in bioql PyPI...

EUVD-2025-5428

Malicious code in bioql PyPI...

CVE-2025-6462

CVE-2025-6462 affects the WordPress plugin EZ SQL Reports Shortcode Widget and DB Backup, with a Stored Cross-Site Scripting via the SQLREPORT shortcode in all versions up to 5.25.11. Exploitation requires authenticated access at contributor level or higher. Multiple connected reports note this v...

CVE-2025-6462 EZ SQL Reports Shortcode Widget and DB Backup <= 5.25.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via SQLREPORT Shortcode

The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's SQLREPORT shortcode in all versions up to, and including, 5.25.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

CVE-2025-6462 EZ SQL Reports Shortcode Widget and DB Backup <= 5.25.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via SQLREPORT Shortcode

The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's SQLREPORT shortcode in all versions up to, and including, 5.25.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

WordPress plugin EZ SQL Reports Shortcode Widget and DB Backup 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-27346 · WordPress · Db Backup +1

Name of the Vulnerable Software and Affected Versions: EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress versions up to, and including, 5.25.11 Description: The issue is related to Stored Cross-Site Scripting via the plugin's SQLREPORT shortcode due to insufficient input...

CVE-2025-30788

Cross-Site Request Forgery CSRF vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows SQL Injection.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.25.08...

CVE-2025-30787

Cross-Site Request Forgery CSRF vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.25.08...

CVE-2025-30788

Cross-Site Request Forgery CSRF vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows SQL Injection.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.25.08...

CVE-2025-30787

Cross-Site Request Forgery CSRF vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.25.08...

CVE-2025-30787 WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.25.08 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.25.08...

CVE-2025-30787

CVE-2025-30787 describes a vulnerability in the EZ SQL Reports Shortcode Widget and DB Backup for WordPress, where a Cross-Site Request Forgery (CSRF) can lead to a Stored Cross-Site Scripting (XSS) condition. The description specifies the affected product as EZ SQL Reports Shortcode Widget and D...

CVE-2025-30788

CVE-2025-30788: EZ SQL Reports Shortcode Widget and DB Backup (WP plugin) contains a Cross-Site Request Forgery to Stored Cross-Site Scripting flaw in versions

CVE-2025-30788 WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.25.08 - CSRF to SQL Injection vulnerability

Cross-Site Request Forgery CSRF vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows SQL Injection.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.25.08...