9 matches found
EUVD-2025-25003
Malicious code in bioql PyPI...
WordPress Add User Meta plugin Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Add User Meta plugin, which stems from missing or incorrect validation of random numbers on the "add-user-meta...
CVE-2025-7688
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...
CVE-2025-7688
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...
CVE-2025-7688
CVE-2025-7688 affects the WordPress Add User Meta plugin (versions ≤ 1.0.1). The vulnerability is a Cross-Site Forgery risk caused by missing or incorrect nonce validation on the add-user-meta page, enabling unauthenticated attackers to forge requests that update settings and inject stored script...
CVE-2025-7688 Add User Meta <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...
CVE-2025-7688 Add User Meta <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...
PT-2025-33462 · WordPress · Add User Meta
Name of the Vulnerable Software and Affected Versions: Add User Meta plugin for WordPress versions up to and including 1.0.1 Description: The Add User Meta plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the add-user-meta page. Thi...
WordPress plugin Add User Meta 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Add User Meta plugin, which stems from missing or incorrect validation of random numbers on the "add-user-meta...