14 matches found
EUVD-2025-5124
Malicious code in bioql PyPI...
EUVD-2024-50882
Malicious code in bioql PyPI...
CVE-2024-13647
The School Management System – SakolaWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing or incorrect nonce validation on the 'saveexamsetting' and 'deleteexamsetting' actions. This makes it possible for...
CVE-2024-13647
The School Management System – SakolaWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing or incorrect nonce validation on the 'saveexamsetting' and 'deleteexamsetting' actions. This makes it possible for...
CVE-2024-13647
The School Management System – SakolaWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing or incorrect nonce validation on the 'saveexamsetting' and 'deleteexamsetting' actions. This makes it possible for...
CVE-2024-13647 School Management System – SakolaWP <= 1.0.8 - Cross-Site Request Forgery to Exam Setting Manipulation
The School Management System – SakolaWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8. This is due to missing or incorrect nonce validation on the 'saveexamsetting' and 'deleteexamsetting' actions. This makes it possible for...
CVE-2024-13647
The CVE-2024-13647 issue affects the School Management System – SakolaWP WordPress plugin. It enables Cross-Site Request Forgery due to missing or incorrect nonce validation on save_exam_setting and delete_exam_setting actions, affecting all versions up to 1.0.8. Unauthenticated attackers can man...
PT-2025-8910 · WordPress · Sakolawp
Name of the Vulnerable Software and Affected Versions: SakolaWP plugin for WordPress versions prior to 1.0.9 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the save exam setting and delete exam setting actions. This allows...
WordPress plugin SakolaWP 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...
WordPress School Management System – SakolaWP plugin <= 1.0.8 - Cross-Site Request Forgery to Exam Setting Manipulation vulnerability
Cross-Site Request Forgery to Exam Setting Manipulation vulnerability discovered by Dhabaleshwar Das in WordPress Plugin School Management System – SakolaWP versions = 1.0.8...
CVE-2024-12470
The School Management System – SakolaWP plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.8. This is due to the registration function not properly limiting what roles a user can register as. This makes it possible for unauthenticated attackers to...
CVE-2024-12470 School Management System – SakolaWP <= 1.0.8 - Unauthenticated Privilege Escalation
The School Management System – SakolaWP plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.8. This is due to the registration function not properly limiting what roles a user can register as. This makes it possible for unauthenticated attackers to...
CVE-2024-12470 School Management System – SakolaWP <= 1.0.8 - Unauthenticated Privilege Escalation
The School Management System – SakolaWP plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.8. This is due to the registration function not properly limiting what roles a user can register as. This makes it possible for unauthenticated attackers to...
WordPress plugin SakolaWP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...