EUVD-2024-23233

Malicious code in bioql PyPI...

EUVD-2025-30736

Malicious code in bioql PyPI...

CVE-2025-57907

Missing Authorization vulnerability in Heureka Group Heureka heureka allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Heureka: from n/a through = 1.1.0...

WordPress Heureka Plugin <= 1.1.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin Heureka versions = 1.1.0...

CVE-2025-57907

Missing Authorization vulnerability in Heureka Group Heureka heureka allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Heureka: from n/a through = 1.1.0...

CVE-2025-57907 WordPress Heureka Plugin <= 1.1.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Heureka Group Heureka heureka allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Heureka: from n/a through = 1.1.0...

CVE-2025-57907

CVE-2025-57907 is a Missing Authorization vulnerability affecting the Heureka WordPress plugin. The initial description states an unauthenticated user could access functionality not properly constrained by ACLs, impacting versions up to 1.1.0. The connected Wordfence vulnerability report corrobor...

CVE-2025-57907 WordPress Heureka Plugin <= 1.1.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Heureka Group Heureka allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Heureka: from n/a through 1.1.0...

PT-2025-39017

Name of the Vulnerable Software and Affected Versions Heureka versions through 1.1.0 Description A missing authorization flaw exists in Heureka. This issue allows access to functionality that is not properly restricted by Access Control Lists ACLs. Recommendations Update to a version later than...

WordPress plugin Heureka 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2024-25931

Cross-Site Request Forgery CSRF vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8...

CVE-2024-25931

Cross-Site Request Forgery CSRF vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8...

CVE-2024-25931

Cross-Site Request Forgery CSRF vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8...

WordPress Plugin Heureka Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2024-25931

CVE-2024-25931 is a Cross-Site Request Forgery (CSRF) vulnerability in the Heureka WordPress plugin, affecting versions

CVE-2024-25931 WordPress Heureka Plugin <= 1.0.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8...

CVE-2024-25931 WordPress Heureka Plugin <= 1.0.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8...

Heureka < 1.1.0 - Cross-Site Request Forgery

Description The plugin is vulnerable to Cross-Site Request Forgery. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unknown action granted they can trick a site administrator into performing an action...

WordPress Heureka Plugin <= 1.0.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Heureka Type Plugin Vulnerable versions = 1.0.8 Fixed in 1.1.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-25931 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 48eac7fc144e Credits Mika Required privilege...