EUVD-2025-144420

Malicious code in hereis-manuic-tam npm...

WordPress Welcome Popup plugin <= 1.0.10 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin Welcome Popup versions = 1.0.10...

WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...

WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...

WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...

WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter vulnerability

Authenticated Administrator+ SQL Injection via postid Parameter vulnerability discovered by Pham Van Tam in WordPress Plugin Indeed Ultimate Learning Pro versions = 3.9...

WordPress FM Notification Bar plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin FM Notification Bar versions = 1.0.4...

WordPress Easy WP Tiles plugin <= 1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin Easy WP Tiles versions = 1...

WordPress Content Cloner plugin <= 1.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin Content Cloner versions = 1.0.1...

WordPress Orbisius Simple Notice plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin Orbisius Simple Notice versions = 1.1.3...

WordPress AnyRoad plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin AnyRoad versions = 1.3.2...

WordPress Bonjour Bar plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin Bonjour Bar versions = 1.0.0...

WordPress Post-to-Post Links plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin Post-to-Post Links versions = 4.2...

WordPress Posts Footer Manager Plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin Posts Footer Manager versions = 2.1.0...

WordPress WP Cookie plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin WP Cookie versions = 1.0.0...

WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin Ultimate Learning Pro versions = 3.9...

WordPress Highlight plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin Highlight versions = 2.0.2...

Fedora: Security Advisory for nom-tam-fits (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

What is OpenAPI ❓ Concept, Examples and Advantages

What is OpenAPI? If there is anything that is growing anything like leaps and bounds then it’s API development and awareness towards API’s security. Whether it’s web API or mobile API, growth is significant in each domain. While we discuss API development, OpenAPI deserves a mention for sure. Thi...

Qualys Policy Compliance Notification: Policy Library Updates (June)

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS an...