120 matches found
EUVD-2024-44429
Malicious code in bioql PyPI...
EUVD-2024-32719
Malicious code in bioql PyPI...
EUVD-2024-51153
Malicious code in bioql PyPI...
EUVD-2024-48949
Malicious code in bioql PyPI...
EUVD-2024-34021
Malicious code in bioql PyPI...
EUVD-2023-54781
Malicious code in bioql PyPI...
EUVD-2023-2421
Malicious code in bioql PyPI...
EUVD-2024-33515
Malicious code in bioql PyPI...
EUVD-2022-15429
Malicious code in bioql PyPI...
EUVD-2024-44025
Malicious code in bioql PyPI...
EUVD-2023-59256
Malicious code in bioql PyPI...
EUVD-2024-47601
Malicious code in bioql PyPI...
EUVD-2023-57417
Malicious code in bioql PyPI...
CVE-2025-7727
The Gutenverse plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text and Fun Fact blocks in all versions up to, and including, 3.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
PT-2025-31915 · WordPress · Employee Directory
Name of the Vulnerable Software and Affected Versions: Employee Directory plugin for WordPress versions up to and including 4.5.1 Description: The Employee Directory plugin for WordPress is susceptible to Stored Cross-Site Scripting through the noaccess msg parameter due to insufficient input...
CVE-2025-4968
The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple Page Builder elements Copyright Element, Hover Box, Separator With Text, FAQ, Single Image, Custom Header, Button, Call To Action, Progress Bar, Pie Chart, Round Chart, and Line...
CVE-2025-4968 WPBakery Page Builder <= 8.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Page Builder Elements
The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple Page Builder elements Copyright Element, Hover Box, Separator With Text, FAQ, Single Image, Custom Header, Button, Call To Action, Progress Bar, Pie Chart, Round Chart, and Line...
CVE-2025-6716 Contest Gallery <= 26.0.8 - Authenticated (Author+) Stored Cross-Site Scripting
The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'upload1title' parameter in all versions up to, and including, 26.0.8...
CVE-2025-5528 Social Sharing Plugin – Sassy Social Share <= 3.3.75 - Reflected Cross-Site Scripting via 'heateor_mastodon_share' Parameter
The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateormastodonshare parameter in all versions up to, and including, 3.3.75 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-4943
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...