18 matches found
CVE-2025-12413
The Social Media WPCF7 Stop Words plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.3. This is due to missing or incorrect nonce validation on the smWpCfSwOptions function. This makes it possible for unauthenticated attackers to update the...
CVE-2025-12413
The Social Media WPCF7 Stop Words plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.3. This is due to missing or incorrect nonce validation on the smWpCfSwOptions function. This makes it possible for unauthenticated attackers to update the...
WordPress Social Media WPCF7 Stop Words plugin <= 1.1.3 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by dayea song - Ahnlab in WordPress Plugin Social Media WPCF7 Stop Words versions <= 1.1.3...
CVE-2025-12413 Social Media WPCF7 Stop Words <= 1.1.3 - Cross-Site Request Forgery to Settings Update
The Social Media WPCF7 Stop Words plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.3. This is due to missing or incorrect nonce validation on the smWpCfSwOptions function. This makes it possible for unauthenticated attackers to update the...
CVE-2025-12413
The CVE-2025-12413 entry concerns the WordPress plugin Social Media WPCF7 Stop Words (versions up to 1.1.3). Root cause: missing or incorrect nonce validation in smWpCfSwOptions(), enabling Cross-Site Request Forgery. Impact: unauthenticated attackers could update the plugin’s settings and inject...
WordPress plugin Social Media WPCF7 Stop Words Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that provides the ability to host personal blog sites on PHP and MySQL based servers. A cross-site request forgery vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2024-5206
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fix...
DEBIAN-CVE-2024-5206
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...
CVE-2024-5206
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...
CVE-2024-5206
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...
PYSEC-2024-110
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...
UBUNTU-CVE-2024-5206
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...
CVE-2024-5206
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...
CVE-2024-5206 Sensitive Data Leakage in sklearn.feature_extraction.text.TfidfVectorizer in scikit-learn/scikit-learn
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...
CVE-2024-5206
CVE-2024-5206 affects scikit-learn's TfidfVectorizer. The issue: training-data tokens are stored in stop_words_ (not just the TF‑IDF subset), risking leakage of sensitive data. Affected: scikit-learn versions up to 1.4.1.post1; fixed in 1.5.0. Reported base CVSS v3.1 score: 4.7 (MEDIUM) with LOCA...
CVE-2024-5206 Sensitive Data Leakage in sklearn.feature_extraction.text.TfidfVectorizer in scikit-learn/scikit-learn
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...
scikit-learn Security Vulnerabilities
scikit-learn is an open source Python-based machine learning package that supports spam detection, image recognition, and prediction of continuous-valued attributes of associations. A security vulnerability exists in scikit-learn 1.4.1.post1 and earlier versions, which stems from accidentally...
PT-2024-35110 · Unknown +2 · Scikit-Learn +2
Name of the Vulnerable Software and Affected Versions: scikit-learn versions up to and including 1.4.1.post1 Description: A sensitive data leakage issue was identified in scikit-learn's TfidfVectorizer. The vulnerability arises from the unexpected storage of all tokens present in the training dat...