5 matches found
EUVD-2026-43141
The Solace Extra plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.5.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to permanently delete all...
Malicious code in express-starter-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7f0e424be1b6e1710d9f2670a4a9b6fbc48636560f8af2025d15de19f01e03 The package express-starter-template was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199156
Malicious code in express-starter-template npm...
MAL-2025-191089 Malicious code in express-starter-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7f0e424be1b6e1710d9f2670a4a9b6fbc48636560f8af2025d15de19f01e03 The package express-starter-template was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...