34 matches found
EUVD-2025-31414
Malicious code in bioql PyPI...
EUVD-2025-26918
Malicious code in bioql PyPI...
CVE-2025-9894
The Sync Feedly plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the crsfcronjobfunc function. This makes it possible for unauthenticated attackers to trigger content synchronizati...
CVE-2025-9894
The Sync Feedly plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the crsfcronjobfunc function. This makes it possible for unauthenticated attackers to trigger content synchronizati...
CVE-2025-9894 Sync Feedly <= 1.0.1 - Cross-Site Request Forgery to Sync Trigger
The Sync Feedly plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the crsfcronjobfunc function. This makes it possible for unauthenticated attackers to trigger content synchronizati...
CVE-2025-9894
CVE-2025-9894 affects the Sync Feedly WordPress plugin (versions
WordPress Sync Feedly plugin <= 1.0.1 - Cross-Site Request Forgery to Sync Trigger vulnerability
Cross-Site Request Forgery to Sync Trigger vulnerability discovered by Nabil Irawan in WordPress Plugin Sync Feedly versions = 1.0.1...
WordPress plugin Sync Feedly 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
PT-2025-39714
Name of the Vulnerable Software and Affected Versions Sync Feedly plugin for WordPress versions prior to 1.0.2 Description The software is susceptible to a Cross-Site Request Forgery issue. This is due to a lack of proper nonce validation within the crsf cron job func function. An unauthenticated...
WordPress plugin Add to Feedly cross-site request forgery vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress plugin Add to Feedly, no detailed...
CVE-2025-58859
Cross-Site Request Forgery CSRF vulnerability in David Merinas Add to Feedly add-to-feedly allows Stored XSS.This issue affects Add to Feedly: from n/a through = 1.2.11...
CVE-2025-58859
Cross-Site Request Forgery CSRF vulnerability in David Merinas Add to Feedly add-to-feedly allows Stored XSS.This issue affects Add to Feedly: from n/a through = 1.2.11...
CVE-2025-58859 WordPress Add to Feedly Plugin <= 1.2.11 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in David Merinas Add to Feedly add-to-feedly allows Stored XSS.This issue affects Add to Feedly: from n/a through = 1.2.11...
CVE-2025-58859 WordPress Add to Feedly Plugin <= 1.2.11 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in David Merinas Add to Feedly add-to-feedly allows Stored XSS.This issue affects Add to Feedly: from n/a through = 1.2.11...
CVE-2025-58859
CVE-2025-58859: WordPress Add to Feedly plugin
WordPress Add to Feedly Plugin <= 1.2.11 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Add to Feedly versions = 1.2.11...
PT-2025-36198
Name of the Vulnerable Software and Affected Versions: Add to Feedly versions through 1.2.11 Description: A Cross-Site Request Forgery CSRF vulnerability exists in David Merinas Add to Feedly, which can also lead to Stored Cross-Site Scripting XSS. Recommendations: Update Add to Feedly to a versi...
WordPress plugin Add to Feedly 跨站请求伪造漏洞
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress plugin Add to Feedly, no detailed...
CVE-2023-2470
The Add to Feedly WordPress plugin through 1.2.11 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2023-2470
The Add to Feedly WordPress plugin through 1.2.11 does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...