13 matches found
EUVD-2025-13864
Malicious code in bioql PyPI...
EUVD-2025-8367
Malicious code in bioql PyPI...
CVE-2025-47447
Cross-Site Request Forgery CSRF vulnerability in Hossni Mubarak Cool Author Box hm-cool-author-box-widget allows Cross Site Request Forgery.This issue affects Cool Author Box: from n/a through = 3.0.0...
CVE-2025-47447
Cross-Site Request Forgery CSRF vulnerability in Hossni Mubarak Cool Author Box hm-cool-author-box-widget allows Cross Site Request Forgery.This issue affects Cool Author Box: from n/a through = 3.0.0...
CVE-2025-47447 WordPress Cool Author Box plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Hossni Mubarak Cool Author Box hm-cool-author-box-widget allows Cross Site Request Forgery.This issue affects Cool Author Box: from n/a through = 3.0.0...
CVE-2025-47447
CVE-2025-47447 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “Cool Author Box” (vulnerable through 3.0.0). The issue stems from CSRF protection gaps in Cool Author Box, enabling CSRF exploitation. Public sources (Patchstack, PT-Security) indicate affected versions u...
WordPress Cool Author Box plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Cool Author Box versions = 3.0.0...
WordPress plugin Cool Author Box 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
PT-2025-20083 · Unknown · Hossni Mubarak Cool Author Box
Name of the Vulnerable Software and Affected Versions: Hossni Mubarak Cool Author Box versions prior to 3.0.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows for Cross Site Request Forgery. Recommendations: For versions prior to 3.0.0, update to version 3.0...
CVE-2025-30830
Missing Authorization vulnerability in Hossni Mubarak Cool Author Box hm-cool-author-box-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cool Author Box: from n/a through = 2.9.9...
CVE-2025-30830
Missing Authorization vulnerability in Hossni Mubarak Cool Author Box hm-cool-author-box-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cool Author Box: from n/a through = 2.9.9...
WordPress Cool Author Box plugin <= 2.9.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Cool Author Box versions = 2.9.9...
CVE-2025-30830
CVE-2025-30830 : Exists in Cool Author Box (WordPress plugin) up to version 2.9.9. Root cause is Missing/Incomplete Authorization due to misconfigured access control levels, enabling unauthorized actions. Patch status in connected data shows a fix in version 2.9.9; remediation is to upgrade to 2....