EUVD-2025-28365

Malicious code in bioql PyPI...

WordPress plugin WP Register Profile With Shortcode 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

PT-2024-17212 · WordPress · Kvcore Idx Plugin

Name of the Vulnerable Software and Affected Versions: kvCORE IDX plugin for WordPress versions up to, and including, 2.3.35 Description: The issue is related to Reflected Cross-Site Scripting, which occurs due to insufficient input sanitization and output escaping. This allows unauthenticated...

PT-2024-39521 · WordPress · The User Meta

Name of the Vulnerable Software and Affected Versions: The User Meta – User Profile Builder and User management plugin for WordPress versions up to, and including, 3.1 Description: The issue is related to Insecure Direct Object Reference, which can be exploited by authenticated attackers with...

CVE-2023-4276

The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abprprofileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a...

WordPress Plugin Absolute Privacy Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...