26 matches found
EUVD-2025-17673
Malicious code in bioql PyPI...
EUVD-2025-17665
Malicious code in bioql PyPI...
EUVD-2024-54104
Malicious code in bioql PyPI...
CVE-2025-49454
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean TinySalt tinysalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a through 3.10.0...
CVE-2025-49455
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ClickandPledge WordPress-WPJobBoard click-pledge-wpjobboard allows Blind SQL Injection.This issue affects WordPress-WPJobBoard: from n/a through = 25.07010000-WP6.8.1-JB5.11.5...
CVE-2025-49455
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ClickandPledge WordPress-WPJobBoard click-pledge-wpjobboard allows Blind SQL Injection.This issue affects WordPress-WPJobBoard: from n/a through = 25.07010000-WP6.8.1-JB5.11.5...
CVE-2025-49454
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean TinySalt tinysalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a through 3.10.0...
CVE-2025-49454 WordPress TinySalt theme < 3.10.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean TinySalt tinysalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a through 3.10.0...
CVE-2025-49454
CVE-2025-49454 is a Local File Inclusion in the LoftOcean TinySalt WordPress theme (pre-3.10.0) caused by improper control of filenames for PHP include/require statements. The vulnerability enables PHP Local File Inclusion due to referencing an attacker-controlled filename, as reported across mul...
CVE-2025-49454 WordPress TinySalt theme < 3.10.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean TinySalt tinysalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a through 3.10.0...
CVE-2025-49455 WordPress TinySalt < 3.10.0 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection.This issue affects TinySalt: from n/a before 3.10.0...
CVE-2025-49455 WordPress WordPress-WPJobBoard <= 25.07010000-WP6.8.1-JB5.11.5 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ClickandPledge WordPress-WPJobBoard click-pledge-wpjobboard allows Blind SQL Injection.This issue affects WordPress-WPJobBoard: from n/a through = 25.07010000-WP6.8.1-JB5.11.5...
CVE-2025-49455
CVE-2025-49455 affects LoftOcean TinySalt (WordPress Theme) prior to 3.10.0. The issue is described as a Deserialization of Untrusted Data vulnerability that enables Object Injection . The connected sources consistently identify TinySalt and specify the vulnerable version range as before 3.10.0, ...
PT-2025-24654 · Unknown · Loftocean Tinysalt
Name of the Vulnerable Software and Affected Versions: LoftOcean TinySalt versions prior to 3.10.0 Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. Recommendations: For versions prior to 3.10.0, update to version 3.10.0 or later to resolve the...
WordPress plugin TinySalt 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
WordPress plugin TinySalt 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-24653 · Unknown · Loftocean Tinysalt
Name of the Vulnerable Software and Affected Versions: LoftOcean TinySalt versions prior to 3.10.0 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local File...
WordPress TinySalt theme < 3.10.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds in WordPress Theme TinySalt versions 3.10.0...
WordPress TinySalt theme < 3.10.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme TinySalt versions 3.10.0...
WordPress TinySalt Theme < 3.10.0 is vulnerable to PHP Object Injection
Software TinySalt Type Theme Vulnerable versions 3.10.0 Fixed in 3.10.0 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-49455 Patch priority High CVSS severity High 9.8 Developer LoftOcean PSID 832baca8d9fd Credits Bonds Required privilege Unauthenticated Published 9...