CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-8106

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00081EPSS

Exploits1References3

RedhatCVE•added 2025/03/28 6:32 a.m.•13 views

CVE-2024-13146

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

8.8CVSS6.9AI score0.00081EPSS

Exploits1References1

OSV•added 2025/03/26 6:15 a.m.•1 views

CVE-2024-13146

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

8.8CVSS5.9AI score

Exploits0References1

Cvelist•added 2025/03/26 6:0 a.m.•10 views

CVE-2024-13146 Booknetic < 4.1.5 - Staff Creation via CSRF

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

0.00081EPSS

Exploits1References1

CVE•added 2025/03/26 6:0 a.m.•58 views

CVE-2024-13146

The CVE-2024-13146 entry concerns the WordPress Booknetic plugin (pre-4.1.5) lacking CSRF protection when creating Staff accounts, enabling a logged-in attacker to add arbitrary Staff members via CSRF. Affected: Booknetic WordPress plugin versions prior to 4.1.5. Root cause: missing CSRF check on...

8.8CVSS7.1AI score0.00081EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2025/03/26 6:0 a.m.•7 views

CVE-2024-13146 Booknetic < 4.1.5 - Staff Creation via CSRF

The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...

7.1AI score0.00081EPSS

Exploits1References1

CNNVD•added 2025/03/26 12:0 a.m.•1 views

WordPress plugin Booknetic 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.5AI score0.00081EPSS

Exploits1References1

Positive Technologies•added 2025/03/26 12:0 a.m.•2 views

PT-2025-12858 · WordPress · Booknetic

Name of the Vulnerable Software and Affected Versions: Booknetic WordPress plugin versions prior to 4.1.5 Description: The issue concerns a lack of CSRF check when creating Staff accounts, which could allow attackers to make logged-in admins add arbitrary Staff members via a CSRF attack. This cou...

8.8CVSS6.5AI score0.00081EPSS

Exploits1References7

Cvelist•added 2025/02/25 2:17 p.m.•11 views

CVE-2025-26926 WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

4.3CVSS0.00125EPSS

Exploits0References1

Vulnrichment•added 2025/02/25 2:17 p.m.•4 views

CVE-2025-26926 WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in fs-code Booknetic booknetic.This issue affects Booknetic: from n/a through = 4.0.9...

4.3CVSS7.2AI score0.00125EPSS

Exploits0References1

Patchstack•added 2025/02/24 10:4 a.m.•2 views

WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Booknetic versions = 4.0.9...

4.3CVSS7AI score0.00125EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by