EUVD-2025-10600

Malicious code in bioql PyPI...

CVE-2025-32556

Cross-Site Request Forgery CSRF vulnerability in Sandor Kovacs Simple Post Meta Manager simple-post-meta-manager allows Reflected XSS.This issue affects Simple Post Meta Manager: from n/a through = 1.0.9...

CVE-2025-32556

Cross-Site Request Forgery CSRF vulnerability in Sandor Kovacs Simple Post Meta Manager simple-post-meta-manager allows Reflected XSS.This issue affects Simple Post Meta Manager: from n/a through = 1.0.9...

CVE-2025-32556

CVE-2025-32556 affects Simple Post Meta Manager (WordPress plugin). The combination of a Cross-Site Request Forgery (CSRF) vulnerability with a Reflected XSS flaw is reported to affect versions up to 1.0.9. CVSS v3.1 base score is 7.1 (HIGH) with NETWORK attack vector, user interaction required. ...

CVE-2025-32556 WordPress Simple Post Meta Manager Plugin <= 1.0.9 - CSRF to Reflected Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in Sandor Kovacs Simple Post Meta Manager allows Reflected XSS. This issue affects Simple Post Meta Manager: from n/a through 1.0.9...

WordPress plugin Simple Post Meta Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress plugin Post Meta Data Manager Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-5776

The Post Meta Data Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing nonce validation on the pmdmwpajaxdeletemeta, pmdmwpdeleteusermeta, and pmdmwpdeleteusermeta functions. This makes it possible for...

CVE-2023-5425

The Post Meta Data Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdmwpchangeusermeta and pmdmwpchangepostmeta functions in versions up to, and including, 1.2.0. This makes it possible for authenticated attackers, with...

WordPress plugin Post Meta Data Manager security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

PT-2023-6744 · WordPress · Post Meta Data Manager

Name of the Vulnerable Software and Affected Versions: Post Meta Data Manager plugin for WordPress version 1.2.0 and earlier Description: The issue is related to a missing capability check on the pmdm wp change user meta and pmdm wp change post meta functions. This allows authenticated attackers...