EUVD-2020-20506

Malware in sbrugna...

EUVD-2021-0755

Malware in sbrugna...

EUVD-2024-32836

Malicious code in bioql PyPI...

CVE-2025-48161

CVE-2025-48161 affects WordPress YaySMTP plugin: SQL Injection due to improper neutralization of special elements. Affected versions are n/a through 1.3; Wordfence lists it as patched (vulnerability entries show Patched) and PT-Security notes “Versions prior to 1.4 are affected,” implying fixes e...

CVE-2024-42385

Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters...

CVE-2025-22783 WordPress SEO Plugin by Squirrly SEO plugin <= 12.4.03 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO allows SQL Injection.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.4.03...

Improper Neutralization

Mongosh is vulnerable to Improper Neutralization. The vulnerability is due to improper output sanitization due to an attacker being able to inject control characters into shell output, potentially displaying falsified messages that mislead users into executing unsafe actions...

CVE-2024-51682

CVE-2024-51682 is a stored XSS in HasThemes HT Builder – WordPress Theme Builder for Elementor (HT Builder) up to version 1.3.0. The vulnerability arises from improper input neutralization during web page generation, allowing stored XSS. Patchstack indicates fixed in 1.3.1; Red Hat/ENISA referenc...

CVE-2024-43997 WordPress easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg plugin <= 2.4.14 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in easy.Jobs EasyJobs allows Reflected XSS.This issue affects EasyJobs: from n/a through 2.4.14...

CVE-2024-47349 WordPress WPMobile.App plugin <= 11.50 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through = 11.50...

Command Injection

gradio is vulnerable to Command Injection. The vulnerability is due to improper neutralization of special elements within the test-functional.yml CI work flow, which results in unauthorized modification of the base repository or exfiltration of the GITHUBTOKEN, COMMENTTOKEN, or...

CVE-2024-27959 WordPress APIExperts Square for WooCommerce plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop...

PT-2023-13576 · Intel · Intel Ema

Name of the Vulnerable Software and Affected Versions: IntelR EMA software versions prior to 1.8.1.0 Description: The issue is related to improper neutralization in the IntelR EMA software, which may allow a privileged user to potentially enable escalation of privilege via network access...