EUVD-2025-13657

Malicious code in bioql PyPI...

CVE-2025-30550

Cross-Site Request Forgery CSRF vulnerability in WPShop.ru CallPhone'r callphoner allows Stored XSS.This issue affects CallPhone'r: from n/a through = 1.1.1...

CVE-2025-30550

Cross-Site Request Forgery CSRF vulnerability in WPShop.ru CallPhone'r callphoner allows Stored XSS.This issue affects CallPhone'r: from n/a through = 1.1.1...

WordPress WPshop File Upload

File upload vulnerability in WordPress WPshop plugin ajax.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

WordPress WPshop eCommerce Plugin Arbitrary File Inclusion

A File Inclusion vulnerability exists in WordPress WPshop eCommerce Plugin. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code ...

WordPress WPshop eCommerce 1.3.9.5 Shell Upload Exploit

This Metasploit module exploits an arbitrary file upload in the WordPress WPshop eCommerce plugin versions 1.3.3.3 to 1.3.9.5. It allows you to upload arbitrary PHP code and get remote code execution. This Metasploit module has been tested successfully on WordPress WPshop eCommerce 1.3.9.5 with...

WordPress WPshop eCommerce 1.3.9.5 Shell Upload

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WordPress WPshop eCommerce Arbitrary File Upload Vulnerability', 'Description' = %q This module exploits an arbitrary file upload in...

Wpshop - eCommerce <= 1.3.9.5 - Arbitrary File Upload

The script 'includes/ajax.php' allows execution of various actions by anonymous users. The action name is provided in the 'elementCode' parameter. One of these actions is named 'ajaxUpload'. This function allows for upload of arbitrary files, due to lack of sanitation of user input...