EUVD-2022-43227

Malicious code in bioql PyPI...

Exploit for Missing Authorization in Ptoffice Pt_Project_Notebooks

CVE-2025-5304 PT Project Notebooks 1.0.0 - 1.1.3 - Missing Aut...

PT-2025-27849 · WordPress · Paymaster For Woocommerce

Name of the Vulnerable Software and Affected Versions: PayMaster for WooCommerce plugin for WordPress versions up to, and including, 0.4.31 Description: The issue allows authenticated attackers with Subscriber-level access and above to make web requests to arbitrary locations originating from the...

CVE-2022-1659

Vulnerable versions of the JupiterX Core = 2.0.6 plugin register an AJAX action jupiterxconditionalmanager which can be used to call any function in the includes/condition/class-condition-manager.php file by sending the desired function to call in the subaction parameter. This can be used to view...

CVE-2022-1424

The Ask me WordPress theme before 6.8.2 does not perform CSRF checks for any of its AJAX actions, allowing an attacker to trick logged in users to perform various actions on their behalf on the site...

CVE-2019-14793

The Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmbdeletefile attachmentid parameter...