7 matches found
CVE-2025-9629
The USS Upyun plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.0. This is due to missing or incorrect nonce validation on the usssettingpage function when processing the ussset form type. This makes it possible for unauthenticated attacker...
CVE-2025-9629
The USS Upyun plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.0. This is due to missing or incorrect nonce validation on the usssettingpage function when processing the ussset form type. This makes it possible for unauthenticated attacker...
CVE-2025-9629
CVE-2025-9629: USS Upyun WordPress plugin
CVE-2025-9629 USS Upyun <= 1.5.0 - Cross-Site Request Forgery
The USS Upyun plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.0. This is due to missing or incorrect nonce validation on the usssettingpage function when processing the ussset form type. This makes it possible for unauthenticated attacker...
WordPress plugin USS Upyun 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...
PT-2025-38102
Name of the Vulnerable Software and Affected Versions: USS Upyun plugin for WordPress versions prior to 1.5.1 Description: The USS Upyun plugin for WordPress is susceptible to a Cross-Site Request Forgery issue. This is due to missing or incorrect nonce validation within the uss setting page...
WordPress USS Upyun plugin <= 1.5.0 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Claw.k in WordPress Plugin USS Upyun versions = 1.5.0...