CVE-2025-15285 SEO Flow by LupsOnline <= 2.2.1 - Unauthenticated Arbitrary Post/Category Modification

The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...

EUVD-2025-206787

The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...

WordPress SEO Flow by LupsOnline plugin <= 2.2.1 - Unauthenticated Arbitrary Post/Category Modification vulnerability

Unauthenticated Arbitrary Post/Category Modification vulnerability discovered by Tarcísio Luchesi De Almeida Silva Poystick in WordPress Plugin SEO Flow by LupsOnline versions = 2.2.1...

WordPress plugin SEO Flow by LupsOnline 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

EUVD-2025-15509

Malicious code in bioql PyPI...

CVE-2025-48146

Cross-Site Request Forgery CSRF vulnerability in Michael Lups SEO Flow by LupsOnline lupsonline-link-netwerk allows Stored XSS.This issue affects SEO Flow by LupsOnline: from n/a through = 2.2.1...

CVE-2025-48146

Cross-Site Request Forgery CSRF vulnerability in Michael Lups SEO Flow by LupsOnline lupsonline-link-netwerk allows Stored XSS.This issue affects SEO Flow by LupsOnline: from n/a through = 2.2.1...

CVE-2025-48146 WordPress SEO Flow by LupsOnline plugin <= 2.2.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Michael Lups SEO Flow by LupsOnline lupsonline-link-netwerk allows Stored XSS.This issue affects SEO Flow by LupsOnline: from n/a through = 2.2.1...

CVE-2025-48146

CVE-2025-48146 covers a CSRF-to-Stored XSS vulnerability in the WordPress plugin SEO Flow by LupsOnline. The vulnerability affects SEO Flow by LupsOnline versions n/a through 2.2.0, allowing an attacker to trick a logged-in user into performing actions that result in stored malicious script execu...