Not What You Asked For: Typographic Attacks in Household Robot Manipulation

Open-vocabulary embodied AI agents increasingly rely on vision-language models such as CLIP for object perception and task grounding. However, the shared embedding space that enables this flexibility introduces a structural vulnerability to typographic attacks, where printed text in a physical...

EUVD-2021-18227

Malware in sbrugna...

EUVD-2021-18233

Malware in sbrugna...

EUVD-2021-18230

Malware in sbrugna...

EUVD-2022-24732

Malicious code in bioql PyPI...

EUVD-2025-8150

Malicious code in bioql PyPI...

CVE-2022-1418

The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues...

CVE-2025-28889

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in starblank Custom Product Stickers for Woocommerce custom-product-stickers-for-woocommerce allows Reflected XSS.This issue affects Custom Product Stickers for Woocommerce: from n/a through = 1.9.0...

CVE-2025-28889

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in starblank Custom Product Stickers for Woocommerce custom-product-stickers-for-woocommerce allows Reflected XSS.This issue affects Custom Product Stickers for Woocommerce: from n/a through = 1.9.0...

CVE-2025-28889

CVE-2025-28889 is a reflected Cross-Site Scripting in the WordPress plugin “Custom Product Stickers for Woocommerce.” The connected Wordfence vulnerability listing specifies: affected software is Custom Product Stickers for Woocommerce (up to 1.9.0); vulnerability type: Reflected XSS; CVSS v3.1 b...

CVE-2025-28889 WordPress Custom Product Stickers for Woocommerce plugin <= 1.9.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in starblank Custom Product Stickers for Woocommerce custom-product-stickers-for-woocommerce allows Reflected XSS.This issue affects Custom Product Stickers for Woocommerce: from n/a through = 1.9.0...

WordPress plugin Custom Product Stickers for Woocommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Custom Product Stickers for Woocommerce plugin <= 1.9.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin Custom Product Stickers for Woocommerce versions = 1.9.0...

Element 安全漏洞

Element is a Matrix web collaboration client from Element Open Source. A security vulnerability exists in Element versions prior to 1.11.85, which stems from a failure to check the consistency of thumbnails for attachments, stickers, and images...

PT-2024-34880 · Element · Element Desktop +1

Name of the Vulnerable Software and Affected Versions: Element Web and Desktop versions prior to 1.11.85 Description: The issue concerns the handling of thumbnails for attachments, stickers, and images. Specifically, versions of Element Web and Desktop earlier than 1.11.85 do not check if these...

Two of Wallarm’s Open-source Tools Have Been Accepted into Black Hat Arsenal 2024

We're gearing up with some seriously cool stuff for Black Hat! But first, a little sneak peek - not just one, but TWO of Wallarm's open-source tools will be featured in the Arsenal showcase at Black Hat USA this year. Black Hat Arsenal unites researchers and the open-source community to display...

CVE-2022-4888

The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin before 1.0.2,...

PT-2023-15899 · WordPress · Checkout Fields Manager +12

Name of the Vulnerable Software and Affected Versions: Checkout Fields Manager WordPress plugin versions prior to 1.0.2 Abandoned Cart Recovery WordPress plugin versions prior to 1.2.5 Custom Fields for WooCommerce WordPress plugin versions prior to 1.0.4 Custom Order Number WordPress plugin...

stickers-muraux.fr Cross Site Scripting vulnerability OBB-3523413

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

WhatsApp Upgrades Proxy Feature Against Internet Shutdowns

Meta's WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can be shared in conversations. This includes the ability to send and receive images, voice notes, files, stickers and GIFs, WhatsApp told The Hacker News. The new features were firs...