EUVD-2023-54147

Malicious code in bioql PyPI...

CVE-2023-4276

The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abprprofileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a...

CVE-2023-4276 Absolute Privacy <= 2.1 - Cross-Site Request Forgery to User Email/Password Change

The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abprprofileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a...

PT-2023-28577 · WordPress · Absolute Privacy

Name of the Vulnerable Software and Affected Versions: Absolute Privacy plugin for WordPress versions up to, and including, 2.1 Description: The issue is due to missing nonce validation on the abpr profileShortcode function, making it possible for unauthenticated attackers to change user email an...

WordPress Plugin Absolute Privacy Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...