EUVD-2023-57618

Malicious code in bioql PyPI...

EUVD-2024-33965

Malicious code in bioql PyPI...

CVE-2025-7845

The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Google Maps and Image Hotspot widgets in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...

CVE-2024-11196

The Multi-column Tag Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mctagmap shortcode in all versions up to, and including, 17.0.33 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

PT-2025-18930 · WordPress · Subpage List

Name of the Vulnerable Software and Affected Versions: Subpage List plugin for WordPress versions up to, and including, 1.3.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'subpages' shortcode due to insufficient input sanitization and output escaping on...

CVE-2024-13572

CVE-2024-13572 – Precious Metals Charts and Widgets for WordPress is a stored XSS vulnerability in the WordPress plugin via the nfusion-widget shortcode. Affected versions: all up to 1.2.8. An authenticated attacker with contributor-level access or higher can inject arbitrary JavaScript that exec...

PT-2024-17004 · WordPress · Wordpress Pinterest Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Pinterest Plugin versions up to, and including, 1.8.8 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'gs pin widget' shortcode due to insufficient input sanitization and output escaping on...