EUVD-2007-1845

Malware in sbrugna...

EUVD-2022-52192

Malicious code in bioql PyPI...

CVE-2025-5692 Lead Form Data Collection to CRM <= 3.1 - Missing Authorization to Authenticated (Subscriber+) Many Actions

The Lead Form Data Collection to CRM plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /includes/LBadminajax.php file in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with...

CVE-2025-43926

An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other...

PT-2023-15924 · WordPress · Wcfm Frontend Manager

Name of the Vulnerable Software and Affected Versions: WCFM Frontend Manager plugin for WordPress versions up to, and including, 6.6.0 Description: The issue allows unauthenticated attackers to perform various actions, such as modifying knowledge bases, notices, payments, managing vendors, and...