EUVD-2024-29193

Malicious code in bioql PyPI...

EUVD-2023-36823

Malicious code in bioql PyPI...

EUVD-2025-2954

Malicious code in bioql PyPI...

EUVD-2025-18537

Malicious code in bioql PyPI...

EUVD-2024-45890

Malicious code in bioql PyPI...

EUVD-2024-42374

Malicious code in bioql PyPI...

EUVD-2025-9153

Malicious code in bioql PyPI...

EUVD-2025-23940

Malicious code in bioql PyPI...

EUVD-2024-28390

Malicious code in bioql PyPI...

CVE-2025-24000

Authentication Bypass Using an Alternate Path or Channel vulnerability in Saad Iqbal Post SMTP post-smtp allows Authentication Bypass.This issue affects Post SMTP: from n/a through = 3.2.0...

WordPress Post SMTP plugin <= 3.2.0 - Account Takeover Vulnerability

Account Takeover Vulnerability discovered by Denver Jackson Patchstack Alliance in WordPress Plugin Post SMTP versions = 3.2.0...

CVE-2025-49872

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects myCred: from n/a through = 2.9.4.2...

CVE-2025-49857

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects myCred: from n/a through = 2.9.4.2...

CVE-2025-48118

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpExperts Hub Woocommerce Partial Shipment wc-partial-shipment allows SQL Injection.This issue affects Woocommerce Partial Shipment: from n/a through = 3.2...

CVE-2025-48118 WordPress Woocommerce Partial Shipment plugin <= 3.2 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpExperts Hub Woocommerce Partial Shipment wc-partial-shipment allows SQL Injection.This issue affects Woocommerce Partial Shipment: from n/a through = 3.2...

CVE-2025-48118

CVE-2025-48118 — WordPress plugin Woocommerce Partial Shipment (versions n/a through 3.2) suffers an SQL Injection due to improper neutralization of inputs. Public sources (Wordfence, Red Hat, CVE listings) confirm the vulnerability and that it affects Woocommerce Partial Shipment and has been pa...

CVE-2025-49872

CVE-2025-49872 is a Missing Authorization (Broken Access Control) vulnerability affecting the WordPress plugin myCred (versions up to and including 2.9.4.2). The advisory states that functionality is accessible without proper ACL enforcement, enabling access to restricted features. The CVSS v3.1 ...

PT-2025-25684 · WordPress · Wpexperts Hub Woocommerce Partial Shipment

Name of the Vulnerable Software and Affected Versions: WpExperts Hub Woocommerce Partial Shipment versions n/a through 3.2 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection...

CVE-2023-32580

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPExperts Password Protected plugin = 2.6.2 versions...

CVE-2024-13713

The WPExperts Square For GiveWP plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter in all versions up to, and including, 1.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...