EUVD-2022-50363

Malicious code in bioql PyPI...

EUVD-2023-28429

Malicious code in bioql PyPI...

CVE-2024-37542

Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...

CVE-2024-35747

Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7...

CVE-2023-47533

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin = 1.8.2 versions...

CVE-2023-23870

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in wpdevart Responsive Vertical Icon Menu plugin = 1.5.8 versions...

CVE-2023-23972

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Smplug-in Social Like Box and Page by WpDevArt plugin = 0.8.39 versions...

CVE-2023-24387

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPdevart Organization chart plugin = 1.4.4 versions...

CVE-2023-24004

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPdevart Image and Video Lightbox, Image PopUp plugin = 2.1.5 versions...

CVE-2023-24384

Cross-Site Request Forgery CSRF vulnerability in WpDevArt Organization chart = 1.4.4 versions...

CVE-2023-24388

Cross-Site Request Forgery CSRF vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions affects plugin forms actions create, duplicate, edit, delete...

CVE-2023-46075

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Contact Form Builder, Contact Widget plugin = 2.1.6 versions...

CVE-2023-49741

Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through 3.7.3...

CVE-2023-24373

External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Manipulating Hidden Fields.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...

CVE-2023-0177

The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2023-24407

Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...

CVE-2023-24002

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPdevart YouTube Embed, Playlist and Popup by WpDevArt plugin = 2.6.3 versions...

CVE-2022-47438

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin = 3.2.3 versions...

CVE-2022-0876

The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2022-47428

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7...