EUVD-2025-4071

Malicious code in bioql PyPI...

EUVD-2025-4070

Malicious code in bioql PyPI...

CVE-2025-25168

Cross-Site Request Forgery CSRF vulnerability in Black and White BookPress – For Book Authors book-press allows Cross-Site Scripting XSS.This issue affects BookPress – For Book Authors: from n/a through = 1.2.7...

CVE-2025-25167

Missing Authorization vulnerability in Black and White BookPress – For Book Authors book-press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BookPress – For Book Authors: from n/a through = 1.2.7...

CVE-2025-25167

Missing Authorization vulnerability in Black and White BookPress – For Book Authors book-press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BookPress – For Book Authors: from n/a through = 1.2.7...

CVE-2025-25168

Cross-Site Request Forgery CSRF vulnerability in Black and White BookPress – For Book Authors book-press allows Cross-Site Scripting XSS.This issue affects BookPress – For Book Authors: from n/a through = 1.2.7...

CVE-2025-25168

Cross-Site Request Forgery CSRF vulnerability in blackandwhitedigital BookPress – For Book Authors allows Cross-Site Scripting XSS. This issue affects BookPress – For Book Authors: from n/a through 1.2.7...

CVE-2025-25167

Missing Authorization vulnerability in blackandwhitedigital BookPress – For Book Authors allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BookPress – For Book Authors: from n/a through 1.2.7...

CVE-2025-25167 WordPress BookPress – For Book Authors Plugin <= 1.2.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Black and White BookPress – For Book Authors book-press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BookPress – For Book Authors: from n/a through = 1.2.7...

CVE-2025-25167 WordPress BookPress – For Book Authors Plugin <= 1.2.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in blackandwhitedigital BookPress – For Book Authors allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BookPress – For Book Authors: from n/a through 1.2.7...

CVE-2025-25167

CVE-2025-25167 is a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin BookPress – For Book Authors (version range: affected up to 1.2.7). The CVE description states that an attacker can exploit incorrectly configured access control security levels to bypass autho...

CVE-2025-25168 WordPress BookPress – For Book Authors Plugin <= 1.2.7 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Black and White BookPress – For Book Authors book-press allows Cross-Site Scripting XSS.This issue affects BookPress – For Book Authors: from n/a through = 1.2.7...

CVE-2025-25168 WordPress BookPress – For Book Authors Plugin <= 1.2.7 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in blackandwhitedigital BookPress – For Book Authors allows Cross-Site Scripting XSS. This issue affects BookPress – For Book Authors: from n/a through 1.2.7...

CVE-2025-25168

CVE-2025-25168: CSRF to Stored XSS in BookPress – For Book Authors (WordPress plugin) affecting versions up to 1.2.7. The initial description states CSRF enables XSS, but does not provide specific exploit details. Connected documents (Wordfence, NVD, Patchstack) indicate patch status as Unpatched...

PT-2025-5969 · Blackandwhitedigital · Bookpress

Name of the Vulnerable Software and Affected Versions: blackandwhitedigital BookPress – For Book Authors versions 1.2.7 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can...

WordPress plugin BookPress – For Book Authors 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress plugin BookPress – For Book Authors 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-5970 · Bookpress · Bookpress

Name of the Vulnerable Software and Affected Versions: BookPress – For Book Authors versions 1.2.7 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Cross-Site Scripting XSS. This means an attacker could potentially trick a user into...

WordPress BookPress – For Book Authors Plugin <= 1.2.7 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Phat RiO - Fore-Z co.ltd in WordPress Plugin BookPress – For Book Authors versions = 1.2.7...

WordPress BookPress – For Book Authors Plugin <= 1.2.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - Fore-Z co.ltd in WordPress Plugin BookPress – For Book Authors versions = 1.2.7...