7 matches found
EUVD-2007-5958
Malware in sbrugna...
EUVD-2022-4000
Malicious code in bioql PyPI...
EUVD-2022-7721
Malicious code in bioql PyPI...
CVE-2025-4973 Workreap <= 3.3.1 - Authentication Bypass via 'workreap_verify_user_account'
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme, is vulnerable to authentication bypass in all versions up to, and including, 3.3.1. This is due to the plugin not properly verifying a user's identity prior to logging them in when verifying an accoun...
BIT-MOODLE-2021-20282
When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...
U.S. General Services Administration: Registered users contact information disclosure on salesforce lightning endpoint https://disposal.gsa.gov
Hi, Sample of the Information Disclosure is below. More records are attached -███ "LastName":"████","FullNamec":"█████████","Id":"██████████","MailingStreet":null,"Activec":false,"Emailc":null,"LastModifiedBy":"Id":"00530000009KyDqAAK","Name":"SNA...
Fedora 32 : moodle (2021-50f63a0161)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-50f63a0161 advisory. - The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...