9 matches found
EUVD-2025-25003
Malicious code in bioql PyPI...
WordPress Add User Meta plugin Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Add User Meta plugin, which stems from missing or incorrect validation of random numbers on the "add-user-meta...
CVE-2025-7688
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...
CVE-2025-7688
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...
CVE-2025-7688 Add User Meta <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...
CVE-2025-7688 Add User Meta <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject...
CVE-2025-7688
CVE-2025-7688 affects the WordPress Add User Meta plugin (versions ≤ 1.0.1). The vulnerability is a Cross-Site Forgery risk caused by missing or incorrect nonce validation on the add-user-meta page, enabling unauthenticated attackers to forge requests that update settings and inject stored script...
WordPress plugin Add User Meta 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Add User Meta plugin, which stems from missing or incorrect validation of random numbers on the "add-user-meta...
PT-2025-33462 · WordPress · Add User Meta
Name of the Vulnerable Software and Affected Versions: Add User Meta plugin for WordPress versions up to and including 1.0.1 Description: The Add User Meta plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the add-user-meta page. Thi...