CVE-2025-69618

An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

CVE-2025-69618

An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

CVE-2025-69618

An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

coto Tarot, Astro & Healing 安全漏洞

Coto Tarot, Astro & Healing is a women’s emotional health and growth consulting platform developed by Coto Company in Singapore. Version 11.4.0 of Coto Tarot, Astro & Healing contains a security vulnerability. This vulnerability stems from an issue with file overwriting during the file import...

EUVD-2025-206818

An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

PT-2026-5973

Name of the Vulnerable Software and Affected Versions Tarot, Astro & Healing version 11.4.0 Description A flaw exists in the file import process that allows overwriting of critical internal files. Successful exploitation could lead to arbitrary code execution or disclosure of sensitive informatio...

CVE-2025-69618

The CVE-2025-69618 issue affects Tarot, Astro & Healing v11.4.0 and is described as an arbitrary file overwrite vulnerability in the file import process. The root cause is the ability to overwrite critical internal files, which could lead to arbitrary code execution or exposure of sensitive infor...

CVE-2025-69618

An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

CVE-2025-69618

An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

Malicious code in single-card-tarot (npm)

The package single-card-tarot was found to contain malicious code...

MAL-2025-33289 Malicious code in single-card-tarot (npm)

The package single-card-tarot was found to contain malicious code...

WordPress Horoscope And Tarot plugin <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Horoscope And Tarot versions = 1.3.0...

CVE-2024-11337

The Horoscope And Tarot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'divinehoroscope' shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress plugin Horoscope And Tarot 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

Malicious code in down_load_ebook_the_numinous_tarot_guide_by_the_numinous_rashunda_tramble_8p8s2 (npm)

--- -= Per source details. Do not edit below this line.=-...

online-tarot-reader.com Cross Site Scripting vulnerability OBB-3903187

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

WordPress Tarot Card Oracle Plugin < 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Tarot Card Oracle Type Plugin Vulnerable versions 1.1.6 Fixed in 1.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1007403ec245 Credits Rafie Muhammad Patchstack Requir...

WordPress Tarot Card Oracle plugin <= 1.0.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Tarot Card Oracle plugin versions = 1.0.5. Solution Update the WordPress Tarot Card Oracle plugin to the latest available version at least 1.0.6...

WordPress Tarot Card Oracle plugin <= 1.0.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Tarot Card Oracle plugin versions = 1.0.5. Solution Update the WordPress Tarot Card Oracle plugin to the latest available version at least 1.0.6...

tarot-live.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1150203 Security Researcher Dipu1A Helped patch 998 vulnerabilities Received 5 Coordinated Disclosure badges Received 22 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting tarot-live.com website and i...