CVE-2025-11008

The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as oth...

CVE-2025-11007

The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the wpajaxnoprivce21singlesignonsaveapisettings AJAX action in versions 2.2.1 to 2.3.1. This makes it possible for unauthenticated attackers to update the plugin's API...

WordPress CE21 Suite plugin 2.2.1 - 2.3.1 - Missing Authorization to Unauthenticated Privilege Escalation via plugin Settings Update vulnerability

WordPress CE21 Suite plugin 2.2.1 - 2.3.1 - Missing Authorization to Unauthenticated Privilege Escalation via plugin Settings Update vulnerability discovered by kr0d in WordPress Plugin CE21 Suite versions 2.2.1-2.3.1...

WordPress CE21 Suite plugin <= 2.3.1 - Unauthenticated Sensitive Information Exposure to Privilege Escalation vulnerability

Unauthenticated Sensitive Information Exposure to Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin CE21 Suite versions = 2.3.1...

CVE-2025-11008

The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as oth...

CVE-2025-11007

The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the wpajaxnoprivce21singlesignonsaveapisettings AJAX action in versions 2.2.1 to 2.3.1. This makes it possible for unauthenticated attackers to update the plugin's API...

CVE-2025-11008 CE21 Suite <= 2.3.1 - Unauthenticated Sensitive Information Exposure to Privilege Escalation

The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as oth...

CVE-2025-11008 CE21 Suite <= 2.3.1 - Unauthenticated Sensitive Information Exposure to Privilege Escalation

The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as oth...

CVE-2025-11007 CE21 Suite 2.2.1 - 2.3.1 - Missing Authorization to Unauthenticated Privilege Escalation via Plugin Settings Update

The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the wpajaxnoprivce21singlesignonsaveapisettings AJAX action in versions 2.2.1 to 2.3.1. This makes it possible for unauthenticated attackers to update the plugin's API...

CVE-2025-11007 CE21 Suite 2.2.1 - 2.3.1 - Missing Authorization to Unauthenticated Privilege Escalation via Plugin Settings Update

The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the wpajaxnoprivce21singlesignonsaveapisettings AJAX action in versions 2.2.1 to 2.3.1. This makes it possible for unauthenticated attackers to update the plugin's API...

CVE-2025-11007

CVE-2025-11007 : CE21 Suite for WordPress (versions 2.2.1–2.3.1) suffers an unauthorized plugin settings update flaw due to a missing capability check on the wp_ajax_nopriv_ce21_single_sign_on_save_api_settings action. This permits unauthenticated users to modify API settings, including the secre...

PT-2025-44917

Name of the Vulnerable Software and Affected Versions CE21 Suite plugin for WordPress versions prior to 2.3.2 Description The CE21 Suite plugin for WordPress is susceptible to sensitive information exposure through the log file. This allows unauthenticated attackers to extract sensitive data,...

WordPress plugin CE21 Suite 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An Access...

WordPress plugin CE21 Suite 日志信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A log...

EUVD-2024-33012

Malicious code in bioql PyPI...

EUVD-2024-33022

Malicious code in bioql PyPI...

EUVD-2024-52416

Malicious code in bioql PyPI...

CVE-2024-10294

The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ce21singlesignonsaveapisettings' function in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to change plugin settings...

CVE-2024-10284

The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.2.0. This is due to hardcoded encryption key in the 'ce21authenticationphrase' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site,...

CVE-2024-54293

Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite ce21-suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through = 2.2.0...