CVE-2026-39685 WordPress The Moneytizer plugin <= 10.0.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in lvaudore The Moneytizer the-moneytizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Moneytizer: from n/a through = 10.0.10...

CVE-2026-39685

The CVE-2026-39685 entry concerns a Missing Authorization vulnerability in the WordPress The Moneytizer plugin (the-moneytizer) &lt;= 10.0.10. The connected sources confirm a broken access control issue allowing exploitation viaN/A through 10.0.10, with CVSS 3.1: Network, Low difficulty, No user ...

WordPress plugin The Moneytizer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2025-62756 WordPress The Moneytizer plugin <= 10.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lvaudore The Moneytizer the-moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through = 10.0.9...

CVE-2025-62756 WordPress The Moneytizer plugin <= 10.0.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lvaudore The Moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through 10.0.6...

WordPress plugin The Moneytizer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...

EUVD-2023-59162

Malicious code in bioql PyPI...

EUVD-2023-59164

Malicious code in bioql PyPI...

CVE-2023-6968

The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.6.3. This is due to missing or incorrect nonce validation on multiple AJAX functions. This makes it possible for unauthenticated attackers to to update and retrieve billing...

CVE-2023-6966

The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the /core/coreajax.php file in all versions up to, and including, 9.6.3. This makes it possible for...

WordPress The Moneytizer plugin <= 9.6.3 - Cross-Site Request Forgery via multiple AJAX actions vulnerability

Cross-Site Request Forgery via multiple AJAX actions vulnerability discovered by Francesco Carlucci in WordPress Plugin The Moneytizer versions = 9.6.3...

CVE-2023-6968

The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.5.20. This is due to missing or incorrect nonce validation on multiple AJAX functions. This makes it possible for unauthenticated attackers to to update and retrieve billing...

CVE-2023-6966

The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the /core/coreajax.php file in all versions up to, and including, 9.5.20. This makes it possible for...

CVE-2023-6968

The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.6.3. This is due to missing or incorrect nonce validation on multiple AJAX functions. This makes it possible for unauthenticated attackers to to update and retrieve billing...

CVE-2023-6966 The Moneytizer <= 9.6.3 - Missing Authorization via multiple AJAX actions

The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the /core/coreajax.php file in all versions up to, and including, 9.6.3. This makes it possible for...

WordPress plugin The Moneytizer security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress The Moneytizer Plugin <= 9.6.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software The Moneytizer Type Plugin Vulnerable versions = 9.6.3 Fixed in 10.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-6968 Patch priority Low CVSS severity Low 8.1 Developer Claim ownership PSID 7f64635fb8b8 Credits Francesco Carlucci...

The Moneytizer <= 9.5.20 - Cross-Site Request Forgery via multiple AJAX actions

Description The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.5.20. This is due to missing or incorrect nonce validation on multiple AJAX functions. This makes it possible for unauthenticated attackers to to update and...

WordPress plugin The Moneytizer security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Plugin The Moneytizer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...