162 matches found
Viral Signup <= 2.1 - SQL Injection
The Viral Signup limited opt-in with viral referral sharing plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...
CVE-2017-20245 Wow Viral Signups 2.1 WordPress Plugin SQL Injection
Wow Viral Signups 2.1 WordPress plugin contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by exploiting the unescaped 'idsignup' POST parameter. Attackers can send crafted requests to the admin-ajax.php endpoint with malicious SQL payload...
EUVD-2017-18971
Wow Viral Signups 2.1 WordPress plugin contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by exploiting the unescaped 'idsignup' POST parameter. Attackers can send crafted requests to the admin-ajax.php endpoint with malicious SQL payload...
CVE-2017-20245
CVE-2017-20245 affects the Wow Viral Signups 2.1 WordPress plugin. It describes an SQL injection through the unescaped idsignup POST parameter in admin-ajax.php, allowing unauthenticated attackers to extract data from the database. CVSS 3.1 base score 8.2 (HIGH) and CVSS 4.0 base score 8.8 (HIGH)...
WordPress plugin Wow Viral Signups SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-47768
Wow Viral Signups 2.1 WordPress plugin contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by exploiting the unescaped 'idsignup' POST parameter. Attackers can send crafted requests to the admin-ajax.php endpoint with malicious SQL payload...
Agentic AI As a Cybersecurity Attack Surface: Threats, Exploits, and Defenses in Runtime Supply Chains
Agentic systems built on large language models LLMs extend beyond text generation to autonomously retrieve information and invoke tools. This runtime execution model shifts the attack surface from build-time artifacts to inference-time dependencies, exposing agents to manipulation through untrust...
Malicious code in n8n-nodes-viral-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b674c80512825238bef8f46f867856034796bf31343fa3c9e20f4b74e9b6da8f The package n8n-nodes-viral-app was found to contain malicious code. Source: google-open-source-security...
EUVD-2025-199363
Malicious code in n8n-nodes-viral-app npm...
MAL-2025-64744 Malicious code in organisational_cicada_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9959e38113f772211dd5b3b902d9b51438a731c4e19d047bfc244c5530ebb611 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in udin-lontong47-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ce0856581fc21c748ac7d25d0a6f25cf8f469f3e2fbda9a5e73460492436ce0 The package udin-lontong47-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flood...
EUVD-2014-4455
Malware in sbrugna...
EUVD-2019-5476
Malware in sbrugna...
EUVD-2008-2860
Malware in sbrugna...
WordPress Ultimate Viral Quiz plugin <= 1.0 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Nabil Irawan in WordPress Plugin Ultimate Viral Quiz versions = 1.0...
EUVD-2025-17180
Malicious code in bioql PyPI...
EUVD-2025-9182
Malicious code in bioql PyPI...
EUVD-2025-17179
Malicious code in bioql PyPI...
EUVD-2023-32608
Malicious code in bioql PyPI...
EUVD-2023-38073
Malicious code in bioql PyPI...