7 matches found
EUVD-2021-11147
Malware in sbrugna...
EUVD-2023-43733
Malicious code in bioql PyPI...
CVE-2021-24233
The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user input while being output back in pages as an arbitrary attribute...
LearnPress < 4.2.5.5 - Reflected Cross-Site Scripting
Description: The plugin does not sanitise and escape user input before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC: Make a logged-in admin open v...
WP Custom Cursors <= 3.0.1 - Admin+ SQLi
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin. PoC: As admin, open...
PT-2022-15636 · WordPress · Website File Changes Monitor
Name of the Vulnerable Software and Affected Versions: Website File Changes Monitor WordPress plugin versions prior to 1.8.3 Description: The issue arises from the plugin's failure to sanitise and escape user input before using it in a SQL statement. This occurs via an action available to users...
DM FileManager 'login.php' Security Bypass Vulnerability
DM FileManager is prone to a security bypass vulnerability. Copyright (C) 2009 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; y...