WordPress CoSchedule plugin <= 3.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin CoSchedule versions = 3.4.0...

CVE-2025-62974

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CoSchedule Headline Analyzer headline-analyzer allows Stored XSS.This issue affects Headline Analyzer: from n/a through = 1.3.7...

CVE-2025-62974

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CoSchedule Headline Analyzer headline-analyzer allows Stored XSS.This issue affects Headline Analyzer: from n/a through = 1.3.7...

PT-2025-43846

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CoSchedule Headline Analyzer headline-analyzer allows Stored XSS.This issue affects Headline Analyzer: from n/a through = 1.3.7...

CVE-2025-49913

Missing Authorization vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoSchedule: from n/a through = 3.4.0...

EUVD-2025-35542

Missing Authorization vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoSchedule: from n/a through = 3.4.0...

CVE-2025-49913 WordPress CoSchedule plugin <= 3.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoSchedule: from n/a through = 3.4.0...

CVE-2025-49913

CVE-2025-49913 : WordPress plugin CoSchedule (coschedule-by-todaymade) suffers a Missing Authorization / Broken Access Control vulnerability, affecting versions up to and including 3.4.0. The issue allows an improperly configured access control level to be exploited, enabling unauthorized access ...

CVE-2025-49913 WordPress CoSchedule plugin <= 3.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoSchedule: from n/a through = 3.4.0...

PT-2025-43180

Name of the Vulnerable Software and Affected Versions CoSchedule versions through 3.4.0 Description An authorization issue exists in CoSchedule. The problem involves incorrectly configured access control security levels, potentially allowing unauthorized access. Recommendations Update to a versio...

WordPress Plugin CoSchedule 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

EUVD-2025-31280

Malicious code in bioql PyPI...

EUVD-2022-49940

Malicious code in bioql PyPI...

EUVD-2024-30592

Malicious code in bioql PyPI...

EUVD-2023-50438

Malicious code in bioql PyPI...

CVE-2025-60119

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Retrieve Embedded Sensitive Data.This issue affects CoSchedule: from n/a through = 3.3.11...

WordPress CoSchedule Plugin <= 3.3.11 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by Bao - BlueRock in WordPress Plugin CoSchedule versions = 3.3.11...

CVE-2025-60119

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Retrieve Embedded Sensitive Data.This issue affects CoSchedule: from n/a through = 3.3.11...

CVE-2025-60119 WordPress CoSchedule Plugin <= 3.3.11 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in CoSchedule CoSchedule coschedule-by-todaymade allows Retrieve Embedded Sensitive Data.This issue affects CoSchedule: from n/a through = 3.3.11...

CVE-2025-60119

CVE-2025-60119 : In CoSchedule for WordPress, an Unauthenticated Sensitive Information Exposure vulnerability affects CoSchedule up to version 3.3.11 (per Wordfence). The issue leaks sensitive data to unauthorized actors due to insufficient access control. Wordfence indicates a patch is available...