EUVD-2025-12489

Malicious code in bioql PyPI...

EUVD-2025-12490

Malicious code in bioql PyPI...

WordPress Plugin Aeropage Sync for Airtable File Upload Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A file upload vulnerability...

CVE-2025-3915 Aeropage Sync for Airtable <= 3.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion

The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'aeropageDeletePost' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVE-2025-3915

CVE-2025-3915 affects the WordPress plugin “Aeropage Sync for Airtable” in all versions up to 3.2.0. The root cause is a missing capability check in the aeropageDeletePost function, enabling authenticated users with Subscriber-level access and above to delete arbitrary posts, leading to unauthori...