16 matches found
WordPress Sweet Energy Efficiency plugin <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Graph Deletion vulnerability discovered by Paolo Tresso - Wordfence in WordPress Plugin Sweet Energy Efficiency versions = 1.0.6...
CVE-2025-14618
The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweetenergyefficiencyaction' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...
CVE-2025-14618
CVE-2025-14618 concerns the Sweet Energy Efficiency plugin for WordPress. The description states a missing capability check on the AJAX handler sweet_energy_efficiency_action, affecting all versions up to 1.0.6. This permits authenticated attackers with subscriber-level access and above to read, ...
CVE-2025-14618 Sweet Energy Efficiency <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion
The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweetenergyefficiencyaction' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...
CVE-2025-14618 Sweet Energy Efficiency <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion
The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweetenergyefficiencyaction' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...
EUVD-2025-204264
The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweetenergyefficiencyaction' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...
WordPress plugin Sweet Energy Efficiency 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2025-30575
Malicious code in bioql PyPI...
CVE-2025-58262
Cross-Site Request Forgery CSRF vulnerability in WPDirectoryKit Sweet Energy Efficiency sweet-energy-efficiency allows Stored XSS.This issue affects Sweet Energy Efficiency: from n/a through = 1.0.8...
CVE-2025-58262
Cross-Site Request Forgery CSRF vulnerability in WPDirectoryKit Sweet Energy Efficiency sweet-energy-efficiency allows Stored XSS.This issue affects Sweet Energy Efficiency: from n/a through = 1.0.8...
WordPress Sweet Energy Efficiency plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Sweet Energy Efficiency versions = 1.0.8...
CVE-2025-58262 WordPress Sweet Energy Efficiency plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WPDirectoryKit Sweet Energy Efficiency sweet-energy-efficiency allows Stored XSS.This issue affects Sweet Energy Efficiency: from n/a through = 1.0.8...
CVE-2025-58262 WordPress Sweet Energy Efficiency plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WPDirectoryKit Sweet Energy Efficiency sweet-energy-efficiency allows Stored XSS.This issue affects Sweet Energy Efficiency: from n/a through = 1.0.8...
CVE-2025-58262
Technical details for CVE-2025-58262 are not publicly available in the provided documents. The initial entry mentions a CSRF issue and Stored XSS in the Sweet Energy Efficiency plugin for WPDirectoryKit (
PT-2025-38925
Name of the Vulnerable Software and Affected Versions wpdirectorykit Sweet Energy Efficiency versions through 1.0.6 Description A Cross-Site Request Forgery CSRF issue exists in wpdirectorykit Sweet Energy Efficiency, which also allows Stored Cross-Site Scripting XSS. Recommendations Update...
WordPress plugin Sweet Energy Efficiency 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...