Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/03/27 7:15 a.m.22 views

CVE-2025-1320

The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9. This is due to missing or incorrect nonce validation on the import.php page. This makes it possible for unauthenticated attackers to delete imports via a forged request...

4.3CVSS6.5AI score0.00174EPSS
Exploits0References1
Circl
Circl
added 2025/03/25 7:23 a.m.5 views

CVE-2025-1320

creationtimestamp| type| source ---|---|--- 2025-03-25 07:23:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8619 2025-03-25 09:27:26+00:00| seen| https://t.me/cvedetector/21052...

4.3CVSS8.7AI score0.00174EPSS
Exploits0References2
NVD
NVD
added 2025/03/25 7:15 a.m.18 views

CVE-2025-1320

The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9. This is due to missing or incorrect nonce validation on the import.php page. This makes it possible for unauthenticated attackers to delete imports via a forged request...

4.3CVSS0.00174EPSS
Exploits0References3
CVE
CVE
added 2025/03/25 7:4 a.m.69 views

CVE-2025-1320

CVE-2025-1320: teachPress WordPress plugin vulnerable to Cross-Site Forgery on Import Delete (import.php) due to missing nonce validation. Affected versions up to 9.0.9; unpatched as per sources. Attack requires user interaction via a forged request, enabling unauthenticated actors to delete impo...

4.3CVSS6.7AI score0.00174EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder