CVE-2026-42733 WordPress WPCS plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through = 1.3.1...

CVE-2026-42733

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through = 1.3.1...

CVE-2024-34418

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tech9logy Creators WPCS WordPress Custom Search allows Stored XSS.This issue affects WPCS WordPress Custom Search : from n/a through 1.1...

EUVD-2024-28377

Malicious code in bioql PyPI...

EUVD-2024-37551

Malicious code in bioql PyPI...

CVE-2024-38700

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in realmag777 WPCS allows Code Injection.This issue affects WPCS: from n/a through 1.2.0.3...

CVE-2024-30456

Cross-Site Request Forgery CSRF vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1...

CVE-2025-2169

The The WPCS – WordPress Currency Switcher Professional plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.0.4. This is due to the software allowing users to execute an action that does not properly validate a value before running...

CVE-2025-2169

CVE-2025-2169 affects WPCS – WordPress Currency Switcher Professional (WordPress plugin) up to version 1.2.0.4. The issue arises from unvalidated input feeding do_shortcode, enabling unauthenticated attackers to execute arbitrary shortcodes. Connected sources confirm the vulnerability and indicat...

CVE-2024-38700

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in realmag777 WPCS allows Code Injection.This issue affects WPCS: from n/a through 1.2.0.3...

CVE-2024-38700

CVE-2024-38700 is a realmag777 WPCS (WPCS) vulnerability: Improper neutralization of output elements used by a downstream component enables unauthenticated code injection via shortcode execution. Affected range is WPCS: n/a through 1.2.0.3. The entry lists this as an Unauthenticated Arbitrary Sho...

WordPress WPCS Plugin <= 1.2.0.3 is vulnerable to Content Injection

Software WPCS Type Plugin Vulnerable versions = 1.2.0.3 Fixed in 1.2.0.4 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-38700 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2b3604018b32 Credits stealthcopter Required privilege Unauthenticat...

CVE-2024-34418

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tech9logy Creators WPCS WordPress Custom Search allows Stored XSS.This issue affects WPCS WordPress Custom Search : from n/a through 1.1...

CVE-2024-34418 WordPress WPCS ( WordPress Custom Search ) plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tech9logy Creators WPCS WordPress Custom Search allows Stored XSS.This issue affects WPCS WordPress Custom Search : from n/a through 1.1...

WPCS < 1.2.0.2 - Cross-Site Request Forgery

Description The WPCS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.0.1. This is due to missing or incorrect nonce validation on the saveetalon function. This makes it possible for unauthenticated attackers to update the plugin's settings vi...

CVE-2024-30456

Cross-Site Request Forgery CSRF vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1...

CVE-2024-30456

CVE-2024-30456 describes a Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WPCS (WordPress Currency Switcher Pro). The issue affects WPCS versions from unspecified earliest release up to 1.2.0.1. The CVE entry includes an CVSS vector with AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicat...

CVE-2024-30456 WordPress WPCS – WordPress Currency Switcher Professional plugin <=1.2.0.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1...

CVE-2024-30456 WordPress WPCS – WordPress Currency Switcher Professional plugin <=1.2.0.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1...

WordPress WPCS Plugin <= 1.2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WPCS Type Plugin Vulnerable versions = 1.2.0.1 Fixed in 1.2.0.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-30456 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 88357d12cef3 Credits Dhabaleshwar Das Required...