CVE-2026-25431

Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1...

CVE-2026-32409

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Forminator: from n/a through = 1.50.2...

CVE-2026-24998

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through = 7.8.9.2...

CVE-2026-24998

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through = 7.8.9.2...

CVE-2025-62048

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform SmartCrawl smartcrawl-seo.This issue affects SmartCrawl: from n/a through = 3.14.3...

EUVD-2021-23397

Malware in sbrugna...

EUVD-2023-51322

Malicious code in bioql PyPI...

EUVD-2024-30578

Malicious code in bioql PyPI...

EUVD-2024-26772

Malicious code in bioql PyPI...

EUVD-2023-56203

Malicious code in bioql PyPI...

EUVD-2024-36669

Malicious code in bioql PyPI...

EUVD-2024-22923

Malicious code in bioql PyPI...

EUVD-2022-47519

Malicious code in bioql PyPI...

EUVD-2024-22920

Malicious code in bioql PyPI...

EUVD-2023-56254

Malicious code in bioql PyPI...

EUVD-2024-36523

Malicious code in bioql PyPI...

EUVD-2024-40044

Malicious code in bioql PyPI...

WordPress Forminator Forms plugin <= 1.45.0 - Authenticated (Administrator+) SQL Injection via `order_by` Parameter vulnerability

Authenticated Administrator+ SQL Injection via orderby Parameter vulnerability discovered by Chive in WordPress Plugin Forminator versions = 1.45.0...

WordPress Forminator plugin <= 1.44.1 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via id and data-size Parameters vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via id and data-size Parameters vulnerability discovered by Asaf Mozes in WordPress Plugin Forminator versions = 1.44.1...

WordPress Broken Link Checker plugin <= 2.4.4 - Missing Autorization to Authenticated (Subscriber+) Plugin Status Dashboard View vulnerability

Missing Autorization to Authenticated Subscriber+ Plugin Status Dashboard View vulnerability discovered by Nguyễn Trung Kiên in WordPress Plugin Broken Link Checker versions = 2.4.4...