1738 matches found
CVE-2025-31098
CVE-2025-31098 affects the DeBounce Email Validator WordPress plugin. The issue is Improper filename control in PHP Includes/Requires, enabling unauthenticated Local File Inclusion (LFI). Affected versions are up to and including 5.7; CVSS v3.1 base score 7.5 (HIGH) with NETWORK attack vector, hi...
Malicious code in skills-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ddd68a5caf984495eb4aae051d0bdd1bbfb4f1b8163b0dcb86fd996e7f24b16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3119 Malicious code in skills-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ddd68a5caf984495eb4aae051d0bdd1bbfb4f1b8163b0dcb86fd996e7f24b16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
WordPress plugin DeBounce Email Validator 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-14712 · Unknown · Debounce Email Validator
Name of the Vulnerable Software and Affected Versions: DeBounce Email Validator versions n/a through 5.7 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This allows PHP Local File...
CVE-2025-30789
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in clearoutio Clearout Email Validator clearout-email-validator allows Stored XSS.This issue affects Clearout Email Validator: from n/a through = 3.2.0...
CVE-2025-1781
There is a XXE in W3CSS Validator versions before cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery SSRF. This could be exploited to read arbitrary local files if an attacker has access to exception messages...
CVE-2025-1781
There is a XXE in W3CSS Validator versions before cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery SSRF. This could be exploited to read arbitrary local files if an attacker has access to exception messages...
CVE-2025-1781
The CVE-2025-1781 entry affects the W3CSS Validator, where an XXE flaw in versions before cssval-20250226 allows an attacker to coerce SSRF via specially crafted XML objects and, if exception messages are accessible, read arbitrary local files. Affected component is the W3CSS Validator’s XML pars...
CVE-2025-1781
There is a XXE in W3CSS Validator versions before cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery SSRF. This could be exploited to read arbitrary local files if an attacker has access to exception messages...
CVE-2025-1781
There is a XXE in W3CSS Validator versions before cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery SSRF. This could be exploited to read arbitrary local files if an attacker has access to exception messages...
MAL-2025-2747 Malicious code in chai-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1e5e72069ba26720347311e7e7b22423d276dea2bb108ac5fb162bb4312e4ccd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in chai-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1e5e72069ba26720347311e7e7b22423d276dea2bb108ac5fb162bb4312e4ccd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CSS Validator 安全漏洞
CSS Validator is a CSS Cascading Style Sheet validation program from the World Wide Web W3C organization. A security vulnerability exists in previous versions of CSS Validator cssval-20250226, which stems from a vulnerability that allows an attacker to force a server-side request forgery using a...
PT-2025-13522 · W3Css · W3Css Validator
Name of the Vulnerable Software and Affected Versions: W3CSS Validator versions before cssval-20250226 Description: The issue is related to an XXE XML External Entity attack in the W3CSS Validator, which allows an attacker to use specially-crafted XML objects to coerce server-side request forgery...
CVE-2025-30789
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in clearoutio Clearout Email Validator clearout-email-validator allows Stored XSS.This issue affects Clearout Email Validator: from n/a through = 3.2.0...
WordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.7.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Serial Codes Generator and Validator with WooCommerce Support versions = 2.7.7...
CVE-2025-30789 WordPress Clearout Email Validator plugin <= 3.2.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in clearoutio Clearout Email Validator clearout-email-validator allows Stored XSS.This issue affects Clearout Email Validator: from n/a through = 3.2.0...
CVE-2025-30789
CVE-2025-30789 : Stored XSS in Clearout Email Validator (WordPress plugin). Public details show an authenticated (Administrator+) cross-site scripting vulnerability in Clearout Email Validator, affected versions include up to 3.2.0. The connected sources indicate a fixed state (Patched) for this ...
CVE-2025-30789 WordPress Clearout Email Validator plugin <= 3.2.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in clearoutio Clearout Email Validator clearout-email-validator allows Stored XSS.This issue affects Clearout Email Validator: from n/a through = 3.2.0...