EUVD-2023-39780

Malicious code in bioql PyPI...

CVE-2025-8575

The LWS Cleaner plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'lwscldeletefile' function in all versions up to, and including, 2.4.1.3. This makes it possible for authenticated attackers, with Administrator-level access and above, to...

CVE-2025-8575

The LWS Cleaner plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'lwscldeletefile' function in all versions up to, and including, 2.4.1.3. This makes it possible for authenticated attackers, with Administrator-level access and above, to...

CVE-2025-8575

CVE-2025-8575 concerns the LWS Cleaner WordPress plugin (versions up to and including 2.4.1.3). The vulnerability is an authenticated (Administrator+) arbitrary file deletion via the lws_cl_delete_file function, enabling an attacker with admin rights to delete server files (potentially enabling r...

CVE-2025-8575 LWS Cleaner <= 2.4.1.3 - Authenticated (Administrator+) Arbitrary File Deletion via 'lws_cl_delete_file'

The LWS Cleaner plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'lwscldeletefile' function in all versions up to, and including, 2.4.1.3. This makes it possible for authenticated attackers, with Administrator-level access and above, to...

PT-2025-37289

Name of the Vulnerable Software and Affected Versions: LWS Cleaner plugin for WordPress versions up to and including 2.4.1.3 Description: The LWS Cleaner plugin for WordPress is susceptible to arbitrary file deletion due to inadequate file path validation within the lws cl delete file function...

WordPress plugin LWS Cleaner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

WordPress LWS Cleaner plugin <= 2.4.1.3 - Authenticated (Administrator+) Arbitrary File Deletion via 'lws_cl_delete_file' vulnerability

Authenticated Administrator+ Arbitrary File Deletion via 'lwscldeletefile' vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin LWS Cleaner versions = 2.4.1.3...

CVE-2023-35781

Cross-Site Request Forgery CSRF vulnerability in LWS Cleaner plugin = 2.3.0 versions...

CVE-2023-35781

Cross-Site Request Forgery CSRF vulnerability in LWS Cleaner plugin = 2.3.0 versions...

CVE-2023-35781

Cross-Site Request Forgery CSRF vulnerability in LWS Cleaner plugin = 2.3.0 versions...

CVE-2023-35781 WordPress LWS Cleaner Plugin <= 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in LWS Cleaner plugin = 2.3.0 versions...

CVE-2023-35781 WordPress LWS Cleaner Plugin <= 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in LWS Cleaner plugin = 2.3.0 versions...

CVE-2023-35781

The CVE-2023-35781 entry concerns the WordPress plugin LWS Cleaner, affected versions

WordPress Plugin LWS Cleaner 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

LWS Cleaner < 2.3.1 - Cross-Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in LWS Cleaner plugin = 2.3.0 versions...

WordPress LWS Cleaner Plugin <= 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software LWS Cleaner Type Plugin Vulnerable versions = 2.3.0 Fixed in 2.3.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35781 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID eac11e5294d8 Credits konagash Required...