CVE-2025-49906

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

EUVD-2025-35548

Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through = 2.9.5.3...

EUVD-2025-30489

Malicious code in bioql PyPI...

EUVD-2025-19019

Malicious code in bioql PyPI...

CVE-2025-58974

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StellarWP WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through = 2.9.5.2...

CVE-2025-58974

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StellarWP WPComplete wpcomplete allows Stored XSS.This issue affects WPComplete: from n/a through = 2.9.5.2...

PT-2025-39031

Name of the Vulnerable Software and Affected Versions StellarWP WPComplete versions through 2.9.5.2 Description An issue exists in StellarWP WPComplete that allows for Stored Cross-site Scripting XSS. The issue is due to improper neutralization of input during web page generation. This could allo...

CVE-2025-50046

CVE-2025-50046 concerns StellarWP WPComplete. Affected: WPComplete versions n/a through 2.9.5. Issue: Improper neutralization of input during web page generation, enabling Stored XSS. Consequence: stored script execution in user contexts (per CVSS metrics: Medium severity, 6.5/10). Status: patch/...

PT-2025-26397 · Stellarwp · Stellarwp Wpcomplete

Name of the Vulnerable Software and Affected Versions: StellarWP WPComplete versions n/a through 2.9.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...