Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Biplob Adhikari

Source -

CNA

BOS Name -

Biplob Adhikari (Oxilab Development)

CNA CVEs -

12

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
12Vulnerabilities found
CVE-2024-51763
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.1||HIGH
EPSS-0.07% / 20.92%
||
7 Day CHG+0.01%
Published-09 Nov, 2024 | 09:27
Updated-12 Nov, 2024 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Team Showcase and Slider plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Biplob Adhikari Team Showcase and Slider – Team Members Builder allows Reflected XSS.This issue affects Team Showcase and Slider – Team Members Builder: from n/a through 1.3.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-Team Showcase and Slider – Team Members Builder
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-37120
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.9||MEDIUM
EPSS-0.07% / 22.75%
||
7 Day CHG~0.00%
Published-22 Jul, 2024 | 09:38
Updated-02 Aug, 2024 | 03:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Tabs plugin <= 4.0.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Biplob Adhikari Tabs allows Stored XSS.This issue affects Tabs: from n/a through 4.0.6.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-responsive_tabsTabs
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-37122
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.9||MEDIUM
EPSS-0.07% / 21.01%
||
7 Day CHG~0.00%
Published-22 Jul, 2024 | 09:34
Updated-02 Aug, 2024 | 03:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Accordions plugin <= 2.3.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Biplob Adhikari Accordions allows Stored XSS.This issue affects Accordions: from n/a through 2.3.5.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-accordionsAccordions
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-25962
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.9||MEDIUM
EPSS-0.06% / 18.09%
||
7 Day CHG~0.00%
Published-04 May, 2023 | 12:47
Updated-09 Jan, 2025 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Accordions Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari Accordion – Multiple Accordion or FAQs Builder plugin <= 2.3.0 versions.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-accordionsAccordion – Multiple Accordion or FAQs Builder
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-42459
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.2||HIGH
EPSS-0.24% / 46.78%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 22:17
Updated-20 Feb, 2025 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Auth. WordPress Options Change vulnerability

Auth. WordPress Options Change vulnerability in Image Hover Effects Ultimate plugin <= 9.7.1 on WordPress.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-image_hover_effects_ultimateImage Hover Effects Ultimate (WordPress plugin)
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-264
Not Available
CVE-2022-45082
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-3.4||LOW
EPSS-0.08% / 25.03%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 21:59
Updated-17 Sep, 2024 | 01:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilities in Accordions plugin <= 2.0.3 on WordPress via &addons-style-name and &accordions_or_faqs_license_key.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-accordionsAccordions – Multiple Accordions or FAQs Builder (WordPress plugin)
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-38104
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.2||HIGH
EPSS-0.35% / 56.70%
||
7 Day CHG~0.00%
Published-21 Oct, 2022 | 15:33
Updated-20 Feb, 2025 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerability

Auth. WordPress Options Change (siteurl, users_can_register, default_role, admin_email and new_admin_email) vulnerability in Biplob Adhikari's Accordions – Multiple Accordions or FAQs Builder plugin (versions <= 2.0.3 on WordPress.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-accordionsAccordions – Multiple Accordions or FAQs Builder (WordPress plugin)
CWE ID-CWE-264
Not Available
CVE-2022-40215
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-3.4||LOW
EPSS-0.05% / 16.68%
||
7 Day CHG~0.00%
Published-23 Sep, 2022 | 15:22
Updated-20 Feb, 2025 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Tabs plugin <= 3.7.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in Tabs plugin <= 3.7.1 at WordPress.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-tabsTabs (WordPress plugin)
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-36375
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.2||HIGH
EPSS-1.03% / 76.39%
||
7 Day CHG~0.00%
Published-25 Jul, 2022 | 19:50
Updated-20 Feb, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Tabs plugin <= 3.6.0 - Authenticated WordPress Options Change vulnerability

Authenticated (high role user) WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin <= 3.6.0 at WordPress.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-responsive_tabsTabs (WordPress plugin)
CWE ID-CWE-264
Not Available
CVE-2022-33969
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.2||HIGH
EPSS-1.03% / 76.39%
||
7 Day CHG~0.00%
Published-25 Jul, 2022 | 17:45
Updated-20 Feb, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Flipbox plugin <= 2.6.0 - Authenticated WordPress Options Change vulnerability

Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin <= 2.6.0 at WordPress.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-flipboxFlipbox (WordPress plugin)
CWE ID-CWE-264
Not Available
CVE-2022-33198
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 67.95%
||
7 Day CHG~0.00%
Published-21 Jul, 2022 | 17:26
Updated-20 Feb, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Accordions plugin <= 2.0.2 - Unauthenticated WordPress Options Change vulnerability

Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-accordionsAccordions (WordPress plugin)
CWE ID-CWE-264
Not Available
CVE-2022-29424
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-4.8||MEDIUM
EPSS-0.32% / 54.40%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 19:57
Updated-20 Feb, 2025 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari's Image Hover Effects Ultimate plugin <= 9.7.1 at WordPress.

Action-Not Available
Vendor-Biplob Adhikari (Oxilab Development)
Product-image_hover_effects_ultimateImage Hover Effects Ultimate (WordPress plugin)
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')