101 matches found
EUVD-2024-23540
Malicious code in bioql PyPI...
EUVD-2022-38810
Malicious code in bioql PyPI...
PT-2025-29344 · Unknown · Springboot Mybatisplus
Name of the Vulnerable Software and Affected Versions: JoeyBling SpringBoot MyBatisPlus versions up to a6a825513bd688f717dbae3a196bc9c9622fea26 Description: A critical vulnerability exists in the Download function of the /file/download endpoint. Manipulation of the Name argument allows for path...
PT-2025-28147 · Unknown · Gavias Halpes
Name of the Vulnerable Software and Affected Versions: Gavias Halpes versions prior to 1.2.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers to inject...
PT-2025-27902 · Webemailprotector · Email Address Security
Name of the Vulnerable Software and Affected Versions: Email Address Security by WebEmailProtector versions n/a through 3.3.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that ...
PT-2025-27187 · Unknown · Antoineh Football Pool
Name of the Vulnerable Software and Affected Versions: AntoineH Football Pool versions n/a through 2.12.5 Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can inject...
PT-2025-27158 · Wpbakery · Ht Mega – Absolute Addons
Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons for WPBakery Page Builder versions 1.0.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This...
PT-2025-27088 · Backwp · Backwp
Name of the Vulnerable Software and Affected Versions: Backwp versions n/a through 2.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions n/a through 2.0.2,...
PT-2025-26399 · Unknown · Atakan Au Automatically Hierarchic Categories In Menu
Name of the Vulnerable Software and Affected Versions: Atakan Au Automatically Hierarchic Categories in Menu versions 2.0.9 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Stored XSS...
PT-2025-26372 · Hand Talk · Hand Talk
Name of the Vulnerable Software and Affected Versions: Hand Talk versions n/a through 6.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables attackers to inject malicious scripts...
PT-2025-26378 · Unknown · Better Random Redirect
Name of the Vulnerable Software and Affected Versions: Better Random Redirect versions 1.3.20 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...
PT-2025-26375 · Tealium · Tealium
Name of the Vulnerable Software and Affected Versions: Tealium versions through 2.1.17 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject malicious script...
PT-2025-26383 · Spoki · Spoki
Name of the Vulnerable Software and Affected Versions: Spoki versions through 2.16.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables attackers to inject malicious scripts into w...
PT-2025-25736 · Unknown · Cubewp Framework
Name of the Vulnerable Software and Affected Versions: CubeWP Framework versions 1.1.23 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS in the CubeWP Framework...
PT-2025-25735 · Cyberchimps · Cyberchimps Responsive Blocks
Name of the Vulnerable Software and Affected Versions: CyberChimps Responsive Blocks versions 2.0.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacke...
PT-2025-24499 · Unknown · Quitenicestuff Soho Hotel
Name of the Vulnerable Software and Affected Versions: quitenicestuff Soho Hotel versions through 4.2.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions throu...
PT-2025-24481 · Redqteam · Wishlist
Name of the Vulnerable Software and Affected Versions: redqteam Wishlist versions n/a through 2.1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers to...
PT-2025-24206 · Unknown · Shiftnav – Responsive Mobile Menu
Name of the Vulnerable Software and Affected Versions: ShiftNav – Responsive Mobile Menu versions 1.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means an attacker c...
PT-2025-24164 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: Broadly for WordPress versions 3.0.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables potential attackers to...
PT-2025-24093 · Pickplugins · Pickplugins Wishlist
Name of the Vulnerable Software and Affected Versions: PickPlugins Wishlist versions 1.0.43 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For...