CVE-2025-60208

CVE-2025-60208 concerns the WordPress plugin Advanced Custom Fields: CPT Options Pages (acp-cpt-options-pages) up to version 2.0.9. Multiple connected sources confirm a Cross-Site Request Forgery (CSRF) vulnerability that enables Object Injection. The issue affects versions listed as n/a through

CVE-2025-60208 WordPress Advanced Custom Fields : CPT Options Pages plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tusko Trush Advanced Custom Fields : CPT Options Pages acf-cpt-options-pages allows Object Injection.This issue affects Advanced Custom Fields : CPT Options Pages: from n/a through = 2.0.9...

CVE-2025-60208 WordPress Advanced Custom Fields : CPT Options Pages plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tusko Trush Advanced Custom Fields : CPT Options Pages acf-cpt-options-pages allows Object Injection.This issue affects Advanced Custom Fields : CPT Options Pages: from n/a through = 2.0.9...

WordPress plugin Advanced Custom Fields : CPT Options Pages Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress ACF to REST API plugin <= 3.3.4 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Mohamad Fattyr in WordPress Plugin ACF to REST API versions = 3.3.4...

EUVD-2025-34973

The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to uplo...

CVE-2025-11691

The CVE-2025-11691 entry concerns the PPOM – Product Addons & Custom Fields for WooCommerce WordPress plugin. A SQL Injection exists in PPOM_Meta::get_fields_by_id() for all versions up to 33.0.15 due to insufficient escaping of user input and inadequate query preparation. The vulnerability is ex...

CVE-2025-11691 PPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated SQL Injection

The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the PPOMMeta::getfieldsbyid function in all versions up to, and including, 33.0.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on th...

WordPress Featured Image from URL plugin cross-site scripting vulnerability

WordPress Featured Image from URL plugin is a plugin for solving WordPress website featured image FeaturedImage related problems. The WordPress Featured Image from URL plugin suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of custom...

EUVD-2021-11777

Malware in sbrugna...

EUVD-2019-7250

Malware in sbrugna...

EUVD-2019-17840

Malware in sbrugna...

EUVD-2020-23750

Malware in sbrugna...

EUVD-2020-23025

Malware in sbrugna...

EUVD-2020-15991

Malware in sbrugna...

EUVD-2020-7304

Malware in sbrugna...

EUVD-2021-11783

Malware in sbrugna...

EUVD-2021-11300

Malware in sbrugna...

EUVD-2021-11155

Malware in sbrugna...

EUVD-2009-0673

Malware in sbrugna...