20 matches found
EUVD-2025-12802
Malicious code in bioql PyPI...
EUVD-2025-12128
Malicious code in bioql PyPI...
EUVD-2025-12804
Malicious code in bioql PyPI...
EUVD-2025-12124
Malicious code in bioql PyPI...
CVE-2025-4179
The Flynax Bridge plugin for WordPress is vulnerable to limited Privilege Escalation due to a missing capability check on the registerUser function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to register new user accounts as authors...
CVE-2025-4177
The Flynax Bridge plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteUser function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to delete arbitrary users...
CVE-2025-4179
The Flynax Bridge plugin for WordPress is vulnerable to limited Privilege Escalation due to a missing capability check on the registerUser function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to register new user accounts as authors...
CVE-2025-4177
The Flynax Bridge plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteUser function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to delete arbitrary users...
CVE-2025-4179
The Flynax Bridge plugin for WordPress is vulnerable to limited Privilege Escalation due to a missing capability check on the registerUser function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to register new user accounts as authors...
CVE-2025-4177
CVE-2025-4177 affects the WordPress plugin Flynax Bridge . The vulnerability is due to a missing capability check in the deleteUser() function, enabling unauthenticated attackers to delete arbitrary users on all versions up to and including 2.2.0. The CVE entry indicates an unauthenticated arbitr...
CVE-2025-4179
The CVE-2025-4179 entry concerns the WordPress Flynax Bridge plugin (versions ≤ 2.2.0). The underlying issue is a missing capability check in the registerUser() function, enabling unauthenticated attackers to create new user accounts with author-level privileges (limited Privilege Escalation). Te...
PT-2025-18745 · WordPress · Flynax Bridge
Name of the Vulnerable Software and Affected Versions: Flynax Bridge plugin for WordPress versions up to, and including, 2.2.0 Description: The issue is related to limited Privilege Escalation due to a missing capability check on the registerUser function. This allows unauthenticated attackers to...
CVE-2025-3603
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like password. This makes it possible for...
CVE-2025-3604
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated...
CVE-2025-3604
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated...
CVE-2025-3603
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like password. This makes it possible for...
CVE-2025-3604 Flynax Bridge <= 2.2.0 - Unauthenticated Privilege Escalation via Account Takeover
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated...
CVE-2025-3604
CVE-2025-3604 affects the WordPress plugin Flynax Bridge (versions up to and including 2.2.0). The issue is unauthenticated privilege escalation via account takeover caused by insufficient validation of a user’s identity before updating details like email, enabling an attacker to change arbitrary...
PT-2025-17716
Name of the Vulnerable Software and Affected Versions Flynax Bridge plugin for WordPress versions up to and including 2.2.0 Description The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover. This issue arises because the plugin does not properly validat...
WordPress Flynax Bridge plugin <= 2.2.0 - Unauthenticated Privilege Escalation via Account Takeover vulnerability
Unauthenticated Privilege Escalation via Account Takeover vulnerability discovered by kr0d in WordPress Plugin Flynax Bridge versions = 2.2.0...