6 matches found
MAL-2025-47787 Malicious code in mevguard (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46b2aa8c02569ef9c6bab8214553d7af8d7e1c1f3499324654bb30870832f6f5 The obfuscated code provides "initializesession" function that exfiltrates the provided argument. --- Category: MALICIOUS - The campaign has clearly malicious...
CVE-2025-47787
Emlog is an open source website building system. Emlog Pro prior to version 2.5.10 contains a file upload vulnerability. The store.php component contains a critical security flaw where it fails to properly validate the contents of remotely downloaded ZIP plugin files. This insufficient validation...
CVE-2025-47787
creationtimestamp| type| source ---|---|--- 2025-05-15 19:33:06+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16546...
CVE-2025-47787
CVE-2025-47787 affects Emlog Pro prior to 2.5.10. The vulnerability resides in the store.php component, which fails to properly validate the contents of remotely downloaded ZIP plugin files, enabling arbitrary code execution on vulnerable systems. The issue is fixed in version 2.5.10. Connected s...
CVE-2023-47787
CVE-2023-47787 describes a Cross-Site Request Forgery in WordPress plugin WooCommerce Bookings affecting versions up to 2.0.3. The root cause is missing/incorrect nonce validation enabling unauthenticated actors to trigger actions via forged requests if a site administrator visits a malicious lin...
WordPress WooCommerce Bookings Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software WooCommerce Bookings Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47787 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5d3bcce7300f Credits Rafie Muhammad...