30 matches found
EUVD-2025-4730
Malicious code in bioql PyPI...
EUVD-2025-4330
Malicious code in bioql PyPI...
EUVD-2024-32665
Malicious code in bioql PyPI...
EUVD-2024-32666
Malicious code in bioql PyPI...
CVE-2024-4103
The ADFO – Custom data in admin dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.0. This is due to missing or incorrect nonce validation on several functions hooked via the controller function. This makes it possible for...
CVE-2025-27300
Deserialization of Untrusted Data vulnerability in giuliopanda ADFO admin-form allows Object Injection.This issue affects ADFO: from n/a through = 1.9.1...
CVE-2025-27300
Deserialization of Untrusted Data vulnerability in giuliopanda ADFO admin-form allows Object Injection.This issue affects ADFO: from n/a through = 1.9.1...
WordPress ADFO plugin <= 1.9.1 - Deserialization of untrusted data vulnerability
Deserialization of untrusted data vulnerability discovered by Phan Trong Quan - VNPT Cyber Immunity in WordPress Plugin ADFO versions = 1.9.1...
CVE-2025-27300
CVE-2025-27300: WordPress ADFO plugin
CVE-2025-27300 WordPress ADFO plugin <= 1.9.1 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in giuliopanda ADFO admin-form allows Object Injection.This issue affects ADFO: from n/a through = 1.9.1...
CVE-2025-27300 WordPress ADFO plugin <= 1.9.1 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in giuliopanda ADFO admin-form allows Object Injection.This issue affects ADFO: from n/a through = 1.9.1...
PT-2025-7731 · Adfo · Adfo
Name of the Vulnerable Software and Affected Versions: ADFO versions 1.9.1 and earlier Description: The issue is related to the Deserialization of Untrusted Data, which allows Object Injection. Recommendations: For ADFO versions 1.9.1 and earlier, at the moment, there is no information about a...
WordPress plugin ADFO 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
CVE-2024-13390
The ADFO – Custom data in admin dashboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'adfolist' shortcode in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-13390 ADFO – Custom data in admin dashboard <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The ADFO – Custom data in admin dashboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'adfolist' shortcode in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
PT-2025-7348 · WordPress · Adfo
Name of the Vulnerable Software and Affected Versions: ADFO – Custom data in admin dashboard plugin for WordPress versions up to, and including, 1.9.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'adfo list' shortcode due to insufficient input sanitization and...
WordPress plugin ADFO – Custom data in admin dashboard 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...
WordPress ADFO plugin <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin ADFO versions = 1.9.1...
CVE-2024-4103
The ADFO – Custom data in admin dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.0. This is due to missing or incorrect nonce validation on several functions hooked via the controller function. This makes it possible for...
CVE-2024-4104
The ADFO – Custom data in admin dashboard plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dbpid' parameter in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...