EUVD-2025-9680

Malicious code in bioql PyPI...

EUVD-2025-31283

Malicious code in bioql PyPI...

CVE-2025-60117

Cross-Site Request Forgery CSRF vulnerability in TangibleWP Vehica Core vehica-core allows Cross Site Request Forgery.This issue affects Vehica Core: from n/a through = 1.0.100...

WordPress Vehica Core Plugin <= 1.0.100 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Vehica Core versions = 1.0.100...

CVE-2025-60117

Cross-Site Request Forgery CSRF vulnerability in TangibleWP Vehica Core vehica-core allows Cross Site Request Forgery.This issue affects Vehica Core: from n/a through = 1.0.100...

CVE-2025-60117 WordPress Vehica Core Plugin <= 1.0.100 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in TangibleWP Vehica Core vehica-core allows Cross Site Request Forgery.This issue affects Vehica Core: from n/a through = 1.0.100...

CVE-2025-60117 WordPress Vehica Core Plugin <= 1.0.100 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in TangibleWP Vehica Core vehica-core allows Cross Site Request Forgery.This issue affects Vehica Core: from n/a through = 1.0.100...

CVE-2025-60117

Technical details about CVE-2025-60117 are not provided in the connected documents; monitor for updates.

WordPress plugin Vehica Core 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

PT-2025-39564

Name of the Vulnerable Software and Affected Versions TangibleWP Vehica Core versions through 1.0.100 Description A Cross-Site Request Forgery CSRF issue exists in TangibleWP Vehica Core. This allows attackers to perform actions on behalf of authenticated users without their knowledge...

CVE-2025-3105

The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer & Listing WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 1.0.97. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This make...

CVE-2025-3105 Vehica Core <= 1.0.97 - Authenticated (Subscriber+) Privilege Escalation

The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer & Listing WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 1.0.97. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This make...

PT-2025-14864 · WordPress · Vehica Core

Name of the Vulnerable Software and Affected Versions: Vehica Core plugin for WordPress versions up to and including 1.0.97 Description: The issue arises from the plugin not properly validating user meta fields before updating them in the database. This allows authenticated attackers with...

WordPress plugin Vehica Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...