19 matches found
EUVD-2024-29934
Malicious code in bioql PyPI...
EUVD-2025-28188
Malicious code in bioql PyPI...
CVE-2025-48271
Missing Authorization vulnerability in Leadinfo Leadinfo leadinfo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadinfo: from n/a through = 1.1...
CVE-2025-48271
Missing Authorization vulnerability in Leadinfo Leadinfo leadinfo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadinfo: from n/a through = 1.1...
CVE-2025-48271
CVE-2025-48271 concerns the WordPress Leadinfo plugin (versions
CVE-2025-48271 WordPress Leadinfo plugin <= 1.1 - Settings Change Vulnerability
Missing Authorization vulnerability in Leadinfo Leadinfo leadinfo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadinfo: from n/a through = 1.1...
CVE-2025-48271 WordPress Leadinfo plugin <= 1.1 - Settings Change Vulnerability
Missing Authorization vulnerability in Leadinfo Leadinfo leadinfo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadinfo: from n/a through = 1.1...
CVE-2024-32112
Cross-Site Request Forgery CSRF vulnerability in Leadinfo leadinfo. The patch was released under the same version which was reported as vulnerable. We consider the current version as vulnerable.This issue affects Leadinfo: from n/a through 1.0...
PT-2025-22784 · Leadinfo · Leadinfo
Name of the Vulnerable Software and Affected Versions: Leadinfo versions 1.1 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: For Leadinfo versions 1.1 a...
WordPress plugin Leadinfo 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Leadinfo < 1.1 - Settings Update via CSRF
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-32112
Cross-Site Request Forgery CSRF vulnerability in Leadinfo leadinfo. The patch was released under the same version which was reported as vulnerable. We consider the current version as vulnerable.This issue affects Leadinfo: from n/a through 1.0...
CVE-2024-32112
CVE-2024-32112 is a CSRF vulnerability in the Leadinfo WordPress plugin affecting Leadinfo versions up to 1.0. The weakness enables Cross‑Site Request Forgery, with CVSS v3.1 metrics indicating Attack Vector: Network, Attack Complexity: Low, Privileges Required: None, User Interaction: Required, ...
CVE-2024-32112 WordPress Leadinfo plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Leadinfo leadinfo. The patch was released under the same version which was reported as vulnerable. We consider the current version as vulnerable.This issue affects Leadinfo: from n/a through 1.0...
CVE-2024-32112 WordPress Leadinfo plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Leadinfo leadinfo. The patch was released under the same version which was reported as vulnerable. We consider the current version as vulnerable.This issue affects Leadinfo: from n/a through 1.0...
WordPress Leadinfo plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Leadinfo versions = 1.0...
WordPress Leadinfo Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Leadinfo Type Plugin Vulnerable versions = 1.0 Fixed in 1.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32112 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 9d1715057445 Credits Nguyen Xuan Chien Required...
PT-2024-24418 · Leadinfo · Leadinfo
Name of the Vulnerable Software and Affected Versions: Leadinfo versions 1.0 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software. This issue allows an attacker to perform unintended actions on a user's account. The estimated number of potentially affected devices...
WordPress Plugin Leadinfo 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...