7 matches found
EUVD-2025-27716
Malicious code in bioql PyPI...
CVE-2025-24289
A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS vulnerability in the UCRM Client Signup Plugin v1.3.4 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default...
CVE-2025-24289
A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS vulnerability in the UCRM Client Signup Plugin v1.3.4 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default...
CVE-2025-24289
A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS vulnerability in the UCRM Client Signup Plugin v1.3.4 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default...
CVE-2025-24289
The CVE-2025-24289 entry concerns the UCRM Client Signup Plugin (versions 1.3.4 and earlier). The documented vulnerability is a CSRF that can lead to XSS and privilege escalation when an Administrator visits a crafted malicious page. The plugin is disabled by default. Affected component: UCRM Cli...
CVE-2025-24289
A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS vulnerability in the UCRM Client Signup Plugin v1.3.4 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default...
PT-2025-27378 · Unknown · Ucrm Client Signup Plugin
Name of the Vulnerable Software and Affected Versions: UCRM Client Signup Plugin versions 1.3.4 and earlier Description: A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS issue could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious...