36 matches found
EKC Tournament Manager WordPress plugin - Path Traversal
EKC Tournament Manager WordPress plugin 2.2.2 contains a path traversal caused by insufficient validation, letting logged in admin users download system files outside the WordPress directory. id: CVE-2024-9765 info: name: EKC Tournament Manager WordPress plugin - Path Traversal author: Sourabh-Sa...
WordPress EKC Tournament Manager plugin < 2.2.2 - Delete Tournaments via CSRF vulnerability
Delete Tournaments via CSRF vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin EKC Tournament Manager versions 2.2.2...
EUVD-2025-15213
Malicious code in bioql PyPI...
EUVD-2024-43532
Malicious code in bioql PyPI...
WordPress EKC Tournament Manager plugin < 2.2.2 - Create Tournaments/Teams via CSRF vulnerability
Create Tournaments/Teams via CSRF vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin EKC Tournament Manager versions 2.2.2...
CVE-2024-9765
The EKC Tournament Manager WordPress plugin before 2.2.2 allows a logged in admin to download system files outside of the WordPress directory...
CVE-2024-9709
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-9711
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-9709
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-9711
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-9709
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-9711
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-9765
The CVE-2024-9765 entry concerns the WordPress plugin EKC Tournament Manager (versions before 2.2.2). Affected component: EKC Tournament Manager plugin. Description from multiple sources indicates an admin-level vulnerability where a logged-in administrator can download system files outside the W...
CVE-2024-9765 EKC Tournament Manager < 2.2.2 - Local File Download Vulnerability
The EKC Tournament Manager WordPress plugin before 2.2.2 allows a logged in admin to download system files outside of the WordPress directory...
CVE-2024-9765 EKC Tournament Manager < 2.2.2 - Local File Download Vulnerability
The EKC Tournament Manager WordPress plugin before 2.2.2 allows a logged in admin to download system files outside of the WordPress directory...
CVE-2024-9711
The CVE relates to the WordPress EKC Tournament Manager plugin prior to version 2.2.2. Affected component: the plugin’s settings update workflow. Root cause: absence of CSRF protection when updating settings, enabling a logged-in attacker to alter settings via a CSRF attack. Impact stated across ...
CVE-2024-9709 EKC Tournament Manager < 2.2.2 - Create Tournaments/Teams via CSRF
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-9711 EKC Tournament Manager < 2.2.2 - Delete Tournaments via CSRF
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-9711 EKC Tournament Manager < 2.2.2 - Delete Tournaments via CSRF
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-9709 EKC Tournament Manager < 2.2.2 - Create Tournaments/Teams via CSRF
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...