EUVD-2025-27180

Malicious code in bioql PyPI...

JVN#67963942: WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting

The field labels in WordPress Plugin "Advanced Custom Fields" provided by WP Engine contains a cross-site scripting vulnerability CWE-79. Impact If an attacker with the 'capability' setting privilege which is set in the product settings stores an arbitrary script in the field label, the script ma...

CVE-2023-23784

A relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions allows attacker to information disclosure via specially crafted web requests...

PT-2022-22441 · WordPress · Complianz Premium +3

Name of the Vulnerable Software and Affected Versions: Complianz WordPress plugin versions prior to 6.3.4 Complianz Premium WordPress plugin versions prior to 6.3.6 Description: The issue allows translators to inject arbitrary SQL through an unsanitized translation. This can be done through an...

CVE-2022-3494 Complianz (Free < 6.3.4, Premium < 6.3.6) - Translator SQLi

The Complianz WordPress plugin before 6.3.4, and Complianz Premium WordPress plugin before 6.3.6 allow a translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file, or by a user with a translator role through translation plugin...