30 matches found
EUVD-2023-38126
Malicious code in bioql PyPI...
EUVD-2025-18946
Malicious code in bioql PyPI...
EUVD-2024-51599
Malicious code in bioql PyPI...
CVE-2025-49977
Cross-Site Request Forgery CSRF vulnerability in mylacventures WP Inventory Manager wp-inventory-manager allows Cross Site Request Forgery.This issue affects WP Inventory Manager: from n/a through = 2.3.4...
CVE-2025-49977
Cross-Site Request Forgery CSRF vulnerability in WP Inventory WP Inventory Manager wp-inventory-manager allows Cross Site Request Forgery.This issue affects WP Inventory Manager: from n/a through = 2.3.4...
CVE-2025-49977 WordPress WP Inventory Manager plugin <= 2.3.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WP Inventory WP Inventory Manager wp-inventory-manager allows Cross Site Request Forgery.This issue affects WP Inventory Manager: from n/a through = 2.3.4...
CVE-2025-49977 WordPress WP Inventory Manager plugin <= 2.3.4 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in WP Inventory WP Inventory Manager allows Cross Site Request Forgery. This issue affects WP Inventory Manager: from n/a through 2.3.4...
CVE-2025-49977
Cross-Site Request Forgery CSRF vulnerability in WP Inventory WP Inventory Manager wp-inventory-manager allows Cross Site Request Forgery.This issue affects WP Inventory Manager: from n/a through = 2.3.4...
PT-2025-26345 · WordPress · Wp Inventory Manager
Name of the Vulnerable Software and Affected Versions: WP Inventory Manager versions prior to 2.3.4 Description: A Cross-Site Request Forgery CSRF issue affects the WP Inventory Manager, allowing unauthorized actions to be performed on behalf of a user. Recommendations: For versions prior to 2.3....
CVE-2024-13434
The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...
CVE-2024-13434 WP Inventory Manager <= 2.3.2 - Reflected Cross-Site Scripting
The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...
CVE-2024-13434
CVE-2024-13434 concerns the WP Inventory Manager WordPress plugin. It allows a Reflected Cross-Site Scripting (XSS) via the user-supplied parameter “message” in all versions up to 2.3.2, caused by insufficient input sanitization and inadequate output escaping. The vulnerability enables unauthenti...
CVE-2023-34002
Cross-Site Request Forgery CSRF vulnerability in WP Inventory Manager plugin = 2.1.0.13 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in WP Inventory Manager plugin = 2.1.0.13 versions...
CVE-2023-34002 WordPress WP Inventory Manager Plugin <= 2.1.0.13 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in WP Inventory Manager plugin = 2.1.0.13 versions...
CVE-2023-34002
CVE-2023-34002 is a CSRF vulnerability in the WP Inventory Manager WordPress plugin up to version 2.1.0.13. Exploitation details in the connected records indicate Cross-Site Request Forgery via actions like delete_item, with unauthenticated attacker impact potential, and a high CVSS-like score de...
CVE-2023-2123
The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2023-2123
The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
Cross site scripting
The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2023-2123
CVE-2023-2123 affects the WordPress plugin WP Inventory Manager prior to version 2.1.0.13. The issue is an insufficient sanitization/escaping of a parameter before it is echoed on the page, causing a Reflected Cross-Site Scripting (XSS) . Impact is limited to unauthenticated users triggering XSS ...