CVE-2024-43228

Missing Authorization vulnerability in SecuPress SecuPress Free secupress.This issue affects SecuPress Free: from n/a through = 2.2.5.3...

CVE-2024-43228

Missing Authorization vulnerability in SecuPress SecuPress Free secupress.This issue affects SecuPress Free: from n/a through = 2.2.5.3...

CVE-2024-43228 WordPress SecuPress Free plugin <= 2.2.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in SecuPress SecuPress Free secupress.This issue affects SecuPress Free: from n/a through = 2.2.5.3...

CVE-2024-43228 WordPress SecuPress Free plugin <= 2.2.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in SecuPress SecuPress Free secupress.This issue affects SecuPress Free: from n/a through = 2.2.5.3...

CVE-2024-43228

CVE-2024-43228 is a Missing Authorization (Broken Access Control) vulnerability in WordPress SecuPress Free, affecting SecuPress Free versions through 2.2.5.3. The issue is confirmed by NVD/Red Hat entries with the same description and a CVSS v3.1 base score of 5.3 (Medium). No exploit details ar...

PT-2026-21026

Name of the Vulnerable Software and Affected Versions SecuPress Free versions through 2.2.5.3 Description A missing authorization issue exists in SecuPress Free. The issue allows unauthorized access. Recommendations Update SecuPress Free to a version later than 2.2.5.3...

WordPress plugin SecuPress Free 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress SecuPress Free - WordPress Security plugin <= 2.2.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via secupress_check_ban_ips_form Shortcode vulnerability

WordPress SecuPress Free - WordPress Security plugin = 2.2.5.3 - Authenticated Contributor+ Stored Cross-Site Scripting via secupresscheckbanipsform Shortcode vulnerability discovered by Brian Sans-Souci liardom in WordPress Plugin SecuPress Free versions = 2.2.5.3...

EUVD-2025-8303

Malicious code in bioql PyPI...

EUVD-2025-15050

Malicious code in bioql PyPI...

EUVD-2024-53968

Malicious code in bioql PyPI...

CVE-2024-1504

The SecuPress Free — WordPress Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.5.1. This is due to missing or incorrect nonce validation on the secupressblackholebanip function. This makes it possible for unauthenticated attacker...

CVE-2025-3452

The SecuPress Free — WordPress Security plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'secupressreinstallpluginsadminajaxcb' function in all versions up to, and including, 2.3.9. This makes it possible for authenticated attackers,...

CVE-2025-3452 SecuPress Free <= 2.3.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation

The SecuPress Free — WordPress Security plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'secupressreinstallpluginsadminajaxcb' function in all versions up to, and including, 2.3.9. This makes it possible for authenticated attackers,...

CVE-2025-3452

CVE-2025-3452 concerns the WordPress plugin SecuPress Free (versions up to and including 2.3.9). A missing capability check in the secupress_reinstall_plugins_admin_ajax_cb function allows authenticated attackers with Subscriber-level access and above to install arbitrary plugins, enabling unauth...

CVE-2025-3452 SecuPress Free <= 2.3.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation

The SecuPress Free — WordPress Security plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'secupressreinstallpluginsadminajaxcb' function in all versions up to, and including, 2.3.9. This makes it possible for authenticated attackers,...

WordPress plugin SecuPress Free 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-18139 · WordPress · Secupress Free

Name of the Vulnerable Software and Affected Versions: SecuPress Free — WordPress Security plugin versions up to, and including, 2.3.9 Description: The issue allows authenticated attackers with Subscriber-level access and above to install arbitrary plugins due to a missing capability check on the...

WordPress SecuPress Free plugin <= 2.3.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Installation vulnerability discovered by mikemyers in WordPress Plugin SecuPress Free versions = 2.3.9...

CVE-2025-30907

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SecuPress SecuPress Free secupress allows DOM-Based XSS.This issue affects SecuPress Free: from n/a through = 2.2.5.3...