WordPress Booknetic plugin <= 4.8.5 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Booknetic versions = 4.8.5...

EUVD-2025-5400

Malicious code in bioql PyPI...

EUVD-2025-8106

Malicious code in bioql PyPI...

CVE-2024-13146

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

WordPress Booknetic plugin < 4.1.5 - Staff Creation via CSRF vulnerability

Staff Creation via CSRF vulnerability discovered by Veshraj Ghimire in WordPress Plugin Booknetic versions 4.1.5...

CVE-2024-13146

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

CVE-2024-13146 Booknetic < 4.1.5 - Staff Creation via CSRF

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

CVE-2024-13146

The CVE-2024-13146 entry concerns the WordPress Booknetic plugin (pre-4.1.5) lacking CSRF protection when creating Staff accounts, enabling a logged-in attacker to add arbitrary Staff members via CSRF. Affected: Booknetic WordPress plugin versions prior to 4.1.5. Root cause: missing CSRF check on...

CVE-2024-13146 Booknetic < 4.1.5 - Staff Creation via CSRF

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

WordPress plugin Booknetic 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-12858 · WordPress · Booknetic

Name of the Vulnerable Software and Affected Versions: Booknetic WordPress plugin versions prior to 4.1.5 Description: The issue concerns a lack of CSRF check when creating Staff accounts, which could allow attackers to make logged-in admins add arbitrary Staff members via a CSRF attack. This cou...

CVE-2025-26926

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

CVE-2025-26926

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

CVE-2025-26926

CVE-2025-26926 is a CSRF vulnerability in the WordPress plugin Booknetic (versions

CVE-2025-26926 WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

CVE-2025-26926 WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

WordPress plugin Booknetic 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2025-7850 · Booknetic · Booknetic

Name of the Vulnerable Software and Affected Versions: Booknetic versions prior to 4.0.10 Description: A Cross-Site Request Forgery CSRF issue has been identified. This issue allows an attacker to trick a user into performing unintended actions on a web application. Recommendations: For versions...

WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Booknetic versions = 4.0.9...