2105 matches found
EUVD-2024-54452
Malicious code in bioql PyPI...
EUVD-2022-34464
Malicious code in bioql PyPI...
EUVD-2023-53675
Malicious code in bioql PyPI...
EUVD-2025-29712
Malicious code in bioql PyPI...
EUVD-2022-24738
Malicious code in bioql PyPI...
EUVD-2025-23717
Malicious code in bioql PyPI...
EUVD-2025-4811
Malicious code in bioql PyPI...
EUVD-2025-15124
Malicious code in bioql PyPI...
EUVD-2024-17145
Malicious code in bioql PyPI...
EUVD-2025-16696
Malicious code in bioql PyPI...
EUVD-2024-54111
Malicious code in bioql PyPI...
EUVD-2025-21206
Malicious code in bioql PyPI...
EUVD-2025-22783
Malicious code in bioql PyPI...
EUVD-2022-42778
Malicious code in bioql PyPI...
CVE-2025-9194 Constructor <= 1.6.5 - Missing Authorization to Authenticated (Subscriber+) Theme Clean
The Constructor theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clean function in all versions up to, and including, 1.6.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger a them...
PT-2025-40485
Name of the Vulnerable Software and Affected Versions Constructor theme for WordPress versions prior to 1.6.6 Description The Constructor theme for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check within the clean function. Authenticated...
CVE-2025-60100 WordPress XStore theme < 9.6 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in 8theme XStore xstore allows Code Injection.This issue affects XStore: from n/a through 9.6...
CVE-2025-10137 Snow Monkey <= 29.1.5 - Unauthenticated Blind Server-Side Request Forgery
The Snow Monkey theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 29.1.5 via the request function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...
WordPress DentiCare Theme < 1.4.3 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme DentiCare versions 1.4.3...
WordPress Nokri Theme <= 1.6.4 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nokri versions = 1.6.4...