28 matches found
EUVD-2025-30700
Malicious code in bioql PyPI...
EUVD-2024-40611
Malicious code in bioql PyPI...
EUVD-2023-36551
Malicious code in bioql PyPI...
CVE-2025-57934
Cross-Site Request Forgery CSRF vulnerability in Aurélien LWS LWS Affiliation lws-affiliation allows Cross Site Request Forgery.This issue affects LWS Affiliation: from n/a through = 2.3.6...
CVE-2025-57934
Cross-Site Request Forgery CSRF vulnerability in Aurélien LWS LWS Affiliation lws-affiliation allows Cross Site Request Forgery.This issue affects LWS Affiliation: from n/a through = 2.3.6...
WordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin LWS Affiliation versions = 2.3.6...
CVE-2025-57934 WordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Aurélien LWS LWS Affiliation lws-affiliation allows Cross Site Request Forgery.This issue affects LWS Affiliation: from n/a through = 2.3.6...
CVE-2025-57934 WordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Aurélien LWS LWS Affiliation lws-affiliation allows Cross Site Request Forgery.This issue affects LWS Affiliation: from n/a through = 2.3.6...
CVE-2025-57934
CVE-2025-57934 is a Cross-Site Request Forgery (CSRF) vulnerability in the LWS Affiliation WordPress plugin. Affected product: LWS Affiliation (WordPress). Affected versions: from n/a through 2.3.6. Reported CVSS v3.1 base score: 4.3 (Medium) with attack vector: network, user interaction required...
WordPress plugin LWS Affiliation 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...
PT-2025-38784
Name of the Vulnerable Software and Affected Versions Aurélien LWS LWS Affiliation versions through 2.3.6 Description A Cross-Site Request Forgery CSRF issue exists in Aurélien LWS LWS Affiliation. This allows for the execution of unwanted actions on behalf of an authenticated user. The issue...
CVE-2024-43962
Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4...
CVE-2023-32297
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LWS LWS Affiliation allows PHP Local File Inclusion.This issue affects LWS Affiliation: from n/a through 2.2.6...
CVE-2024-43962
Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4...
CVE-2024-43962
Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4...
CVE-2024-43962
CVE-2024-43962: WordPress LWS Affiliation plugin (versions ≤ 2.3.4) has a Missing/Incorrect Authorization vulnerability due to broken access control. This could allow an attacker with network access to bypass authorization checks and perform unauthorized actions on the affected plugin. The provid...
CVE-2024-43962 WordPress LWS Affiliation plugin <= 2.3.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4...
CVE-2024-43962 WordPress LWS Affiliation plugin <= 2.3.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4...
WordPress plugin LWS Affiliation 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress LWS Affiliation plugin <= 2.3.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Fariq Fadillah Gusti Insani Patchstack Alliance in WordPress Plugin LWS Affiliation versions = 2.3.4...