23 matches found
CVE-2025-49049
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ZoomIt DZS Video Gallery dzs-videogallery allows SQL Injection.This issue affects DZS Video Gallery: from n/a through = 12.39...
EUVD-2025-24735
Malicious code in bioql PyPI...
EUVD-2025-28096
Malicious code in bioql PyPI...
EUVD-2025-19945
Malicious code in bioql PyPI...
EUVD-2025-24736
Malicious code in bioql PyPI...
CVE-2025-29014
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomIt FoodMenu allows Reflected XSS. This issue affects FoodMenu: from n/a through 1.20...
CVE-2025-28999
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomIt WooCommerce Shop Page Builder allows Reflected XSS. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7...
CVE-2025-29014
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomIt FoodMenu allows Reflected XSS. This issue affects FoodMenu: from n/a through 1.20...
CVE-2025-28999
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomIt WooCommerce Shop Page Builder allows Reflected XSS. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7...
CVE-2025-28999 WordPress WooCommerce Shop Page Builder <= 2.27.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZoomIt WooCommerce Shop Page Builder allows Reflected XSS. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7...
CVE-2025-28999
CVE-2025-28999: WordPress plugin WooCommerce Shop Page Builder
CVE-2025-29014
CVE-2025-29014 corresponds to a Reflected XSS in WordPress plugin FoodMenu (
PT-2025-33158 · Unknown · Zoomit Foodmenu
Name of the Vulnerable Software and Affected Versions: ZoomIt FoodMenu versions n/a through 1.20 Description: ZoomIt FoodMenu is susceptible to a reflected cross-site scripting XSS issue due to improper neutralization of input during web page generation. Recommendations: Versions prior to 1.21 ar...
CVE-2025-29001
Missing Authorization vulnerability in ZoomIt WooCommerce Shop Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7...
CVE-2025-29001
Missing Authorization vulnerability in ZoomIt WooCommerce Shop Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7...
CVE-2025-29001 WordPress WooCommerce Shop Page Builder plugin <= 2.27.7 - Broken Access Control Vulnerability
Missing Authorization vulnerability in ZoomIt WooCommerce Shop Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7...
CVE-2025-29001
CVE-2025-29001 describes a Missing Authorization vulnerability in the ZoomIt WooCommerce Shop Page Builder (WordPress). Affected versions are 2.27.7 and earlier. Root cause per sources: misconfigured access control/security levels allowing unauthorized access. Base CVSS 3.1 vector indicates Netwo...
PT-2025-27882 · Woocommerce · Zoomit Woocommerce Shop Page Builder
Name of the Vulnerable Software and Affected Versions: ZoomIt WooCommerce Shop Page Builder versions 2.27.7 and earlier Description: The issue is related to a Missing Authorization vulnerability in ZoomIt WooCommerce Shop Page Builder, which allows exploiting incorrectly configured access control...
CVE-2025-47568
Deserialization of Untrusted Data vulnerability in ZoomIt ZoomSounds dzs-zoomsounds allows Object Injection.This issue affects ZoomSounds: from n/a through = 6.91...
CVE-2025-47568
Deserialization of Untrusted Data vulnerability in ZoomIt ZoomSounds dzs-zoomsounds allows Object Injection.This issue affects ZoomSounds: from n/a through = 6.91...