20 matches found
CVE-2025-62893
Authorization Bypass Through User-Controlled Key vulnerability in mediavine Create by Mediavine mediavine-create allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Create by Mediavine: from n/a through = 1.9.14...
EUVD-2025-36045
Authorization Bypass Through User-Controlled Key vulnerability in mediavine Create by Mediavine mediavine-create allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Create by Mediavine: from n/a through = 1.9.14...
CVE-2025-62893
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-62893
...
CVE-2025-62893
CVE-2025-62893 (mode C): The connected Red Hat and EUVD/EUV sources describe an Authorization Bypass Through a User-Controlled Key in the Mediavine Create by Mediavine mediavine-create plugin. The affected version range is from n/a through 1.9.14. The root cause is a misconfigured access control ...
CVE-2025-62893
...
PT-2025-43772
Authorization Bypass Through User-Controlled Key vulnerability in mediavine Create by Mediavine mediavine-create allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Create by Mediavine: from n/a through = 1.9.14...
EUVD-2024-40156
Malicious code in bioql PyPI...
EUVD-2024-36708
Malicious code in bioql PyPI...
CVE-2024-5601
The Create by Mediavine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Schema Meta shortcode in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-37495
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mischiefmarmot Create by Mediavine mediavine-create.This issue affects Create by Mediavine: from n/a through = 1.9.7...
CVE-2024-43264
Insertion of Sensitive Information Into Sent Data vulnerability in mischiefmarmot Create by Mediavine mediavine-create.This issue affects Create by Mediavine: from n/a through = 1.9.8...
CVE-2024-43264
Insertion of Sensitive Information Into Sent Data vulnerability in mischiefmarmot Create by Mediavine mediavine-create.This issue affects Create by Mediavine: from n/a through = 1.9.8...
CVE-2024-43264
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by Mediavine.This issue affects Create by Mediavine: from n/a through 1.9.8...
CVE-2024-43264
CVE-2024-43264 describes an Exposure of Sensitive Information to an Unauthorized Actor in the Mediavine Create WordPress plugin. Affected versions are Create by Mediavine up to 1.9.8 (inclusive). The connected sources confirm an unauthenticated exposure of sensitive data and identify the affected...
PT-2024-30427 · Mediavine · Create By Mediavine
Name of the Vulnerable Software and Affected Versions: Create by Mediavine versions 1.9.8 and earlier Description: This issue exposes sensitive information to unauthorized actors. Users are urged to upgrade to the latest version to mitigate risks. Recommendations: For versions 1.9.8 and earlier,...
CVE-2024-37495
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Mediavine Create by Mediavine allows Stored XSS.This issue affects Create by Mediavine: from n/a through 1.9.7...
CVE-2024-37495
CVE-2024-37495 is a Stored XSS in Mediavine Create for WordPress, caused by improper neutralization of input during web page generation. Affected: Create by Mediavine versions n/a through 1.9.7. The vulnerability is documented as a cross-site scripting issue that stores user input and could affec...
PT-2024-27602 · Mediavine · Create By Mediavine
Name of the Vulnerable Software and Affected Versions: Create by Mediavine versions 1.9.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...
CVE-2024-5601
The Create by Mediavine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Schema Meta shortcode in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...