EUVD-2024-29801

Malicious code in bioql PyPI...

CVE-2025-58218

Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition small-package-quotes-usps-edition allows Object Injection.This issue affects Small Package Quotes – USPS Edition: from n/a through = 1.3.9...

WordPress Small Package Quotes – USPS Edition Plugin <= 1.3.9 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Drew / mcdruid in WordPress Plugin Small Package Quotes – USPS Edition versions = 1.3.9...

CVE-2025-58218

Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition small-package-quotes-usps-edition allows Object Injection.This issue affects Small Package Quotes – USPS Edition: from n/a through = 1.3.9...

CVE-2025-58218 WordPress Small Package Quotes – USPS Edition Plugin <= 1.3.9 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition small-package-quotes-usps-edition allows Object Injection.This issue affects Small Package Quotes – USPS Edition: from n/a through = 1.3.9...

CVE-2024-31943

Cross-Site Request Forgery CSRF vulnerability in Octolize USPS Shipping for WooCommerce – Live Rates.This issue affects USPS Shipping for WooCommerce – Live Rates: from n/a through 1.9.2...

CVE-2024-13533

The Small Package Quotes – USPS Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' parameter in all versions up to, and including, 1.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...

WordPress Small Package Quotes – USPS Edition plugin <= 1.3.5 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin Small Package Quotes – USPS Edition versions = 1.3.5...

WordPress plugin Small Package Quotes – USPS Edition SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

New scams could abuse brief USPS suspension of inbound packages from China, Hong Kong

I would be the last one to provide scammers with good ideas, but as a security provider, sometimes we need to think like criminals to stay ahead in the race. Recently, the US Postal Service USPS announced that it would suspend inbound packages from China and Hong Kong until further notice. That...

USPS Text Scammers Duped His Wife, So He Hacked Their Operation

The Smishing Triad network sends up to 100,000 scam texts per day globally. One of those messages went to Grant Smith, who infiltrated their systems and exposed them to US authorities...

CVE-2024-32811

Insertion of Sensitive Information into Log File vulnerability in Octolize USPS Shipping for WooCommerce – Live Rates.This issue affects USPS Shipping for WooCommerce – Live Rates: from n/a through 1.9.4...

CVE-2024-32811 WordPress USPS Shipping for WooCommerce – Live Rates plugin <= 1.9.4 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in Octolize USPS Shipping for WooCommerce – Live Rates.This issue affects USPS Shipping for WooCommerce – Live Rates: from n/a through 1.9.4...

CVE-2024-32811

CVE-2024-32811 affects the WordPress plugin USPS Shipping for WooCommerce – Live Rates by Octolize. It exposes sensitive information via log files when logging data (Insertion of Sensitive Information into Log File). Affected versions are from n/a through 1.9.4. CVSS v3.1 base score 5.3 (Network,...

CVE-2024-32811 WordPress USPS Shipping for WooCommerce – Live Rates plugin <= 1.9.4 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in Octolize USPS Shipping for WooCommerce – Live Rates.This issue affects USPS Shipping for WooCommerce – Live Rates: from n/a through 1.9.4...

USPS Shipping for WooCommerce – Live Rates < 1.10.0 - Sensitive Information Exposure

Description The USPS Shipping for WooCommerce – Live Rates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.4 via log files. This makes it possible for unauthenticated users to extract potentially sensitive information from log files...

Phishing Campaigns Targeting USPS See as Much Web Traffic as the USPS Itself

...

WordPress USPS Shipping for WooCommerce – Live Rates Plugin <= 1.9.4 is vulnerable to Sensitive Data Exposure

Software USPS Shipping for WooCommerce – Live Rates Type Plugin Vulnerable versions = 1.9.4 Fixed in 1.10.0 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-32811 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID...

USPS Shipping for WooCommerce – Live Rates < 1.9.3 - Cross-Site Request Forgery

Description The USPS Shipping for WooCommerce – Live Rates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attacker...

CVE-2024-31943

Cross-Site Request Forgery CSRF vulnerability in Octolize USPS Shipping for WooCommerce – Live Rates.This issue affects USPS Shipping for WooCommerce – Live Rates: from n/a through 1.9.2...