8 matches found
EUVD-2025-13312
Malicious code in bioql PyPI...
CVE-2025-4198
The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the 'alink-tap' page. This makes it possible for unauthenticated attackers to update settings and inject malicious we...
CVE-2025-4198 Alink Tap <= 1.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the 'alink-tap' page. This makes it possible for unauthenticated attackers to update settings and inject malicious we...
CVE-2025-4198 Alink Tap <= 1.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the 'alink-tap' page. This makes it possible for unauthenticated attackers to update settings and inject malicious we...
CVE-2025-4198
CVE-2025-4198 – Alink Tap (WordPress) CSRF to Stored XSS . Affected: Alink Tap plugin for WordPress versions up to and including 1.3.1. Root cause: missing/incorrect nonce validation on the alink-tap page enables Cross-Site Request Forgery. Impact (per sources): unauthenticated attackers can upda...
PT-2025-18934 · WordPress · Alink Tap
Name of the Vulnerable Software and Affected Versions: Alink Tap plugin for WordPress versions up to, and including, 1.3.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the 'alink-tap' page. This allows unauthenticated attackers to...
WordPress plugin Alink Tap 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress Alink Tap plugin <= 1.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Alink Tap versions = 1.3.1...