6 matches found
EUVD-2024-0063
Malicious code in bioql PyPI...
EUVD-2025-13748
Malicious code in bioql PyPI...
CVE-2024-4941
A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the postprocess function within gradio/components/jsoncomponent.py, where a user-controlled string is parsed as JSON. If the parsed JSON...
WordPress Maps Widget for Google Maps Plugin <= 4.24 is vulnerable to Cross Site Scripting (XSS)
Software: Maps Widget for Google Maps; Type: Plugin; Vulnerable versions: <= 4.24; Fixed in: 4.25; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-1913; Patch priority: Low; CVSS severity: Low (5.9); PSID: 086ac6e4c3d5; Credits: Marco Wotschka...
CVE-2021-38315
The SP Project & Document Manager WordPress plugin is vulnerable to attribute-based Reflected Cross-Site Scripting via the from and to parameters in the /functions.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.25...
Movable Type cross-site scripting vulnerability
Overview: Movable Type contains a cross-site scripting vulnerability. Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is a different vulnerability than past reports on JVN. This vulnerability has been fixed and an updated version...