Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25003

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00141EPSS
Exploits0References3
CNVD
CNVD
added 2025/08/20 12:0 a.m.2 views

WordPress Add User Meta plugin Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Add User Meta plugin, which stems from missing or incorrect validation of random numbers on the "add-user-meta...

6.1CVSS6.8AI score0.00141EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/17 8:29 a.m.12 views

CVE-2025-7688

The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS6.7AI score0.00141EPSS
Exploits0References1
NVD
NVD
added 2025/08/15 9:15 a.m.6 views

CVE-2025-7688

The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS0.00141EPSS
Exploits0References3
CVE
CVE
added 2025/08/15 8:25 a.m.21 views

CVE-2025-7688

CVE-2025-7688 affects the WordPress Add User Meta plugin (versions ≤ 1.0.1). The vulnerability is a Cross-Site Forgery risk caused by missing or incorrect nonce validation on the add-user-meta page, enabling unauthenticated attackers to forge requests that update settings and inject stored script...

6.1CVSS6.7AI score0.00141EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/15 8:25 a.m.7 views

CVE-2025-7688 Add User Meta <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS0.00141EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/15 8:25 a.m.3 views

CVE-2025-7688 Add User Meta <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS6.1AI score0.00141EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.5 views

PT-2025-33462 · WordPress · Add User Meta

Name of the Vulnerable Software and Affected Versions: Add User Meta plugin for WordPress versions up to and including 1.0.1 Description: The Add User Meta plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the add-user-meta page. Thi...

6.1CVSS6.3AI score0.00141EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.4 views

WordPress plugin Add User Meta 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Add User Meta plugin, which stems from missing or incorrect validation of random numbers on the "add-user-meta...

6.1CVSS6.7AI score0.00141EPSS
Exploits0References5
Rows per page
Query Builder