CVE-2025-12410
The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to missing or incorrect nonce validation in the shcontextualhelpdashboardwidget function. This makes it possible for unauthenticated attackers to update...
CVE-2025-11887
The Supervisor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX functions in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update...
CVE-2025-10375 Web Accessibility By accessiBe <= 2.10 - Cross-Site Request Forgery
The Web Accessibility By accessiBe plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10. This is due to missing nonce validation on multiple AJAX actions including accessibesignup, accessibelogin, accessibelicensetrial, accessibemodifyconfig,...
PT-2025-41666
Name of the Vulnerable Software and Affected Versions: Web Accessibility By accessiBe plugin for WordPress versions through 2.10. Description: The Web Accessibility By accessiBe plugin for WordPress is susceptible to Cross-Site Request Forgery. This is caused by a lack of nonce validation on several...
EUVD-2011-5217
Malware in sbrugna...
EUVD-2016-2293
Malware in sbrugna...
EUVD-2012-1253
Malware in sbrugna...
EUVD-2014-2410
Malware in sbrugna...
EUVD-2013-6001
Malware in sbrugna...
EUVD-2025-17098
Malicious code in bioql PyPI...
EUVD-2025-21763
Malicious code in bioql PyPI...
EUVD-2024-16614
Malicious code in bioql PyPI...
EUVD-2025-26250
Malicious code in bioql PyPI...
EUVD-2025-27653
Malicious code in bioql PyPI...
EUVD-2025-27991
Malicious code in bioql PyPI...
EUVD-2024-16234
Malicious code in bioql PyPI...
CVE-2025-9946 LockerPress – WordPress Security Plugin <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The LockerPress – WordPress Security Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and...
PT-2025-39716
Name of the Vulnerable Software and Affected Versions: cForms – Light speed fast Form Builder plugin for WordPress versions through 3.0.0. Description: The software is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the cforms api function. This allows...
CVE-2025-9633
CVE-2025-9633: LH Signing WordPress plugin vulnerabilities exist in all versions up to 2.83 due to missing or incorrect nonce validation in the plugin_options function, enabling CSRF. This allows unauthenticated attackers to modify plugin settings by inducing an admin action (e.g., clicking a for...