EUVD-2025-4367

Malicious code in bioql PyPI...

WordPress 1 Click WordPress plugin <= 2.2 - Cross-Site Request Forgery to Backup Process Cancellation vulnerability

Cross-Site Request Forgery to Backup Process Cancellation vulnerability discovered by Joshua Provoste in WordPress Plugin 1 Click WordPress Migration versions = 2.2...

1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process Cancellation

Description The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the cancelactions function. This makes it possible...