EUVD-2025-27649

Malicious code in bioql PyPI...

CVE-2025-8481

The Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.1.7. This is due to missing or incorrect nonce validation on the bdfeinstallactivaterswpbsonly function. This makes it possible for unauthenticated...

CVE-2025-8481 Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid <= 1.1.7 - Cross-Site Request Forgery

The Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.1.7. This is due to missing or incorrect nonce validation on the bdfeinstallactivaterswpbsonly function. This makes it possible for unauthenticated...

CVE-2025-8481

CVE-2025-8481 concerns the WordPress plugin “Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid” (version ≤ 1.1.7). The issue is a Cross‑Site Request Forgery (CSRF) due to missing/incorrect nonce validation in the bdfe_install_activate_rswpbs_only function. The description states...

PT-2025-37132

The Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.1.7. This is due to missing or incorrect nonce validation on the bdfe install activate rswpbs only function. This makes it possible for...