129 matches found
CVE-2025-11373
CVE-2025-11373 concerns the Depicter Popup & Slider Builder for WordPress. The root cause is a missing capability check in the depicter-media-upload AJAX route, affecting all versions up to and including 4.0.4. This enables authenticated attackers with Contributor-level access or higher to upload...
CVE-2025-11373 Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload
The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability checks in the "depicter-media-upload" AJAX route in all...
WordPress Depicter Slider plugin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload vulnerability
Missing Authorization to Authenticated Contributor+ Safe File Type Upload vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Depicter Slider versions = 4.0.4...
PT-2025-45086
Name of the Vulnerable Software and Affected Versions Popup and Slider Builder by Depicter versions up to and including 4.0.4 Description The Popup and Slider Builder by Depicter plugin for WordPress has a flaw that allows authenticated attackers with Contributor-level access or higher to upload...
WordPress Depicter plugin cross-site request forgery vulnerability
WordPress Depicter plugin is a slider, popup and rotator image creation tool designed for WordPress, offering a no-code interface and rich customization features. The WordPress Depicter plugin suffers from a cross-site request forgery vulnerability, which originates from a web application that do...
WordPress plugin Popup and Slider Builder by Depicter 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...
Exploit for CVE-2025-2011
CVE-2025-2011 PoC Author: X3RX3S Purpose: A proof-o...
CVE-2025-8383
The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less than, or equal to, 4.0.4. This is due to missing or incorrect nonce validation on the depicter-document-rules-store function. This makes it possible for unauthenticated attackers to modify document rule...
CVE-2025-8383 Depicter <= 4.0.4 - Cross-Site Request Forgery
The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less than, or equal to, 4.0.4. This is due to missing or incorrect nonce validation on the depicter-document-rules-store function. This makes it possible for unauthenticated attackers to modify document rule...
EUVD-2025-37312
The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less than, or equal to, 4.0.4. This is due to missing or incorrect nonce validation on the depicter-document-rules-store function. This makes it possible for unauthenticated attackers to modify document rule...
CVE-2025-8383
CVE-2025-8383: Depicter for WordPress suffers a Cross-Site Request Forgery in versions
CVE-2025-8383 Depicter <= 4.0.4 - Cross-Site Request Forgery
The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less than, or equal to, 4.0.4. This is due to missing or incorrect nonce validation on the depicter-document-rules-store function. This makes it possible for unauthenticated attackers to modify document rule...
PT-2025-44593
Name of the Vulnerable Software and Affected Versions The Depicter plugin for WordPress versions prior to 4.0.5 Description The Depicter plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation within the depicter-document-rules-store...
WordPress plugin Depicter 跨站请求伪造漏洞
WordPress Depicter plugin is a slider, popup and rotator image creation tool designed for WordPress, offering a no-code interface and rich customization features. The WordPress Depicter plugin suffers from a cross-site request forgery vulnerability, which originates from a web application that do...
EUVD-2023-56204
Malicious code in bioql PyPI...
EUVD-2024-42417
Malicious code in bioql PyPI...
EUVD-2024-42395
Malicious code in bioql PyPI...
EUVD-2022-49951
Malicious code in bioql PyPI...
EUVD-2024-36646
Malicious code in bioql PyPI...
EUVD-2024-44556
Malicious code in bioql PyPI...