33 matches found
EUVD-2020-24146
Malware in sbrugna...
EUVD-2020-23992
Malware in sbrugna...
EUVD-2013-1809
Malware in sbrugna...
EUVD-2024-54451
Malicious code in bioql PyPI...
EUVD-2024-47010
Malicious code in bioql PyPI...
EUVD-2022-24736
Malicious code in bioql PyPI...
EUVD-2025-10392
Malicious code in bioql PyPI...
EUVD-2023-41887
Malicious code in bioql PyPI...
EUVD-2024-32717
Malicious code in bioql PyPI...
EUVD-2024-47452
Malicious code in bioql PyPI...
WordPress MediCenter - Health Medical Clinic Theme <= 15.1 is vulnerable to PHP Object Injection
Software: MediCenter - Health Medical Clinic; Type: Theme; Vulnerable versions: <= 15.1; Fixed in: 15.2; OWASP Top 10: A3: Injection; Classification: PHP Object Injection; CVE: CVE-2025-54014; Patch priority: High; CVSS severity: High 9.8; Developer: EPC; PSID: b489f4cff59c; Credits: Aiden; Required privilege...
PT-2025-30969 · WordPress · Kallyas Theme
Name of the Vulnerable Software and Affected Versions: kallyas theme for WordPress versions prior to 4.21.1 Description: The kallyas theme for WordPress is susceptible to Local File Inclusion via the TH LatestPosts4 widget. Authenticated attackers with Contributor-level access or higher can inclu...
CVE-2025-5393
The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the aloneimportpackrestoredata function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated...
WordPress Hestia Theme <= 3.2.10 is vulnerable to Broken Access Control
Software: Hestia; Type: Theme; Vulnerable versions: <= 3.2.10; Fixed in: 3.2.11; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2025-53986; Patch priority: Low; CVSS severity: Low 5.3; Developer: Claim ownership; PSID: 41f2dbfe1ff2; Credits: Martino Spagnuolo r3verii; Required...
WordPress Houzez Theme <= 4.0.4 is vulnerable to Broken Access Control
Software: Houzez; Type: Theme; Vulnerable versions: <= 4.0.4; Fixed in: 4.1.1; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2025-53997; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: d8d88cb889a1; Credits: Tran Nguyen Bao Khanh VCI - VNPT Cyber...
WordPress Sala Theme <= 1.1.3 is vulnerable to Broken Access Control
Software: Sala; Type: Theme; Vulnerable versions: <= 1.1.3; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2025-52803; Patch priority: High; CVSS severity: High 7.5; Developer: Claim ownership; PSID: 485a6b36a4e6; Credits: Thái An; Required privilege: Unauthenticate...
PT-2025-27070 · WordPress · Dwt - Directory & Listing Wordpress Theme
Name of the Vulnerable Software and Affected Versions: The DWT - Directory & Listing WordPress Theme versions up to, and including, 3.3.6 Description: The issue allows for privilege escalation via account takeover due to improper checking of an empty token value prior to resetting a user's passwo...
CVE-2025-4797 Golo <= 1.7.0 - Authentication Bypass to Account Takeover
The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.7.0. This is due to the plugin not properly validating a user's identity prior to setting an authorization cookie. This makes it...
CVE-2025-39494 WordPress Wilmër theme < 3.4.2 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wilmër wilmer allows PHP Local File Inclusion. This issue affects Wilmër: from n/a through 3.4.2...
WordPress Finance Consultant Theme <= 2.8 is vulnerable to PHP Object Injection
Software: Finance Consultant; Type: Theme; Vulnerable versions: <= 2.8; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: PHP Object Injection; CVE: CVE-2025-32293; Patch priority: High; CVSS severity: High 8.8; Developer: Claim ownership; PSID: f21e6a47c3bc; Credits: Tran Nguyen Bao Khanh VCI - VNPT Cyber...