TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
Debugging isn’t just guessing.
The Async Javascript plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '&aj_gtmetrix_username=' and '&aj_gtmetrix_api_key=' parameters in versions up to, and including, 2.20.12 ...
The Async JavaScript plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.19.07.14. This is due to missing authorization checks on the aj_steps AJAX ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results