EUVD-2025-3018

Malicious code in bioql PyPI...

EUVD-2025-26034

Malicious code in bioql PyPI...

CVE-2025-48325

Cross-Site Request Forgery CSRF vulnerability in shmish111 WP Admin Theme wp-admin-theme allows Stored XSS.This issue affects WP Admin Theme: from n/a through = 1.0...

CVE-2025-48325

Cross-Site Request Forgery CSRF vulnerability in shmish111 WP Admin Theme wp-admin-theme allows Stored XSS.This issue affects WP Admin Theme: from n/a through = 1.0...

CVE-2025-48325

CVE-2025-48325 is a CSRF vulnerability in the WordPress plugin/theme “WP Admin Theme” (shmish111) that also enables Stored XSS. Affected versions are from n/a through 1.0. The issue arises from a Cross-Site Request Forgery flaw that, when exploited, can lead to stored XSS in the WP Admin Theme co...

CVE-2025-48325 WordPress WP Admin Theme plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in shmish111 WP Admin Theme wp-admin-theme allows Stored XSS.This issue affects WP Admin Theme: from n/a through = 1.0...

CVE-2025-48325 WordPress WP Admin Theme plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in shmish111 WP Admin Theme allows Stored XSS. This issue affects WP Admin Theme: from n/a through 1.0...

WordPress plugin WP Admin Theme 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2025-35013

Name of the Vulnerable Software and Affected Versions: shmish111 WP Admin Theme versions n/a through 1.0 Description: A Cross-Site Request Forgery CSRF vulnerability exists in shmish111 WP Admin Theme, which also allows Stored Cross-Site Scripting XSS. Recommendations: At the moment, there is no...

WordPress WP Admin Theme plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Ren Kikuchi Patchstack Alliance in WordPress Plugin WP Admin Theme versions = 1.0...

CVE-2019-9572

SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin=theme=upload by using the .zip extension along with the Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of...

CVE-2025-22814

Cross-Site Request Forgery CSRF vulnerability in Dylan James Zephyr Admin Theme zephyr-modern-admin-theme allows Cross Site Request Forgery.This issue affects Zephyr Admin Theme: from n/a through = 1.4.1...

CVE-2025-22814

Cross-Site Request Forgery CSRF vulnerability in Dylan James Zephyr Admin Theme zephyr-modern-admin-theme allows Cross Site Request Forgery.This issue affects Zephyr Admin Theme: from n/a through = 1.4.1...

CVE-2025-22814 WordPress Zephyr Admin Theme Plugin <= 1.4.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Dylan James Zephyr Admin Theme zephyr-modern-admin-theme allows Cross Site Request Forgery.This issue affects Zephyr Admin Theme: from n/a through = 1.4.1...

CVE-2025-22814 WordPress Zephyr Admin Theme Plugin <= 1.4.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Dylan James Zephyr Admin Theme zephyr-modern-admin-theme allows Cross Site Request Forgery.This issue affects Zephyr Admin Theme: from n/a through = 1.4.1...

CVE-2025-22814

CVE-2025-22814 is a Cross-Site Request Forgery to Stored Cross‑Site Scripting vulnerability in Zephyr Admin Theme. Affected: Zephyr Admin Theme versions from n/a up to 1.4.1. The provided documents do not include explicit exploitation details or a confirmed fix/patch.

WordPress plugin Zephyr Admin Theme 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2025-4723 · Unknown · Zephyr Admin Theme

Name of the Vulnerable Software and Affected Versions: Zephyr Admin Theme versions 1.4.1 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by tricking the user...

WordPress Zephyr Admin Theme Plugin <= 1.4.1 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Zephyr Admin Theme versions = 1.4.1...

Malicious code in active-admin_theme (RubyGems)

--- -= Per source details. Do not edit below this line.=-...