368 matches found
CVE-2013-7233
Cross-site request forgery CSRF vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list...
CVE-2018-20898
cPanel before 71.9980.37 allows e-mail injection during cPAddons moderation SEC-396...
CVE-2018-20876
cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface SEC-434...
LinkedIn: Previous commentor on post can still comment even after comment permission is changed to disabled
A logic error existed in the comment permission system that allowed users who had previously commented on a post to continue posting additional comments even after the post owner disabled commenting functionality. The vulnerability occurred when an account created a post with comments enabled,...
CVE-2025-2104
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to unauthorized post publication due to insufficient validation on the pagelayersavecontent function in all versions up to, and including, 1.9.8. This makes it possible for authenticated attackers, with...
PT-2025-11143 · Pagelayer · Pagelayer
Name of the Vulnerable Software and Affected Versions: The Page Builder: Pagelayer versions up to, and including, 1.9.8 Description: The issue is related to insufficient validation on the pagelayer save content function, allowing authenticated attackers with Contributor-level access and above to...
Friday Squid Blogging: Squid Loyalty Cards
Squid is a loyalty card platform in Ireland. Blog moderation policy...
Friday Squid Blogging: The Colossal Squid
Long article on the colossal squid. Blog moderation policy...
CVE-2025-24024
Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 responds to management commands from any room the bot is member of. This can allow users who aren't operators of the bot to use the bot's functions, including server administration components if enabled. Version 1.9.1 reverts the feature tha...
CVE-2022-39303
Ree6 is a moderation bot. This vulnerability allows manipulation of SQL queries. This issue has been patched in version 1.7.0 by using Javas PreparedStatements, which allow object setting without the risk of SQL injection. There are currently no known workarounds...
Friday Squid Blogging: On Squid Brains
Interesting. Blog moderation policy...
go1.24-1.24rc2-1.1 on GA media (moderate)
go1.24-1.24rc2-1.1 on GA media Announcement ID: openSUSE-SU-2025:14693-1 Rating: moderate Cross-References: CVE-2024-45336 CVE-2024-45340 CVE-2024-45341 CVE-2025-22865 CVSS scores: CVE-2024-45340 SUSE : 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L CVE-2025-22865 SUSE : 7.5...
CVE-2025-24024
Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 responds to management commands from any room the bot is member of. This can allow users who aren't operators of the bot to use the bot's functions, including server administration components if enabled. Version 1.9.1 reverts the feature tha...
CVE-2025-24024 Mjolnir v1.9.0 accepts commands from any room
Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 responds to management commands from any room the bot is member of. This can allow users who aren't operators of the bot to use the bot's functions, including server administration components if enabled. Version 1.9.1 reverts the feature tha...
Malicious code in sendbird-moderation-dashboard (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9be644a0fd9fb186a5e62cc024cf4fc725c0f9a3dd25aab1e25cd138dc454297 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-239 Malicious code in sendbird-moderation-dashboard (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9be644a0fd9fb186a5e62cc024cf4fc725c0f9a3dd25aab1e25cd138dc454297 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Friday Squid Blogging: Anniversary Post
I made my first squid post nineteen years ago this week. Between then and now, I posted something about squid every week with maybe only a few exceptions. There is a lot out there about squid, even more if you count the other meanings of the word. Blog moderation policy...
Friday Squid Blogging: Biology and Ecology of the Colossal Squid
Good survey paper. Blog moderation policy...
MAL-2024-11452 Malicious code in sendbird-moderation-dashboard-node (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in sendbird-moderation-dashboard-node (npm)
--- -= Per source details. Do not edit below this line.=-...