Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-13312

Malicious code in bioql PyPI...

6.1CVSS7AI score0.00149EPSS
Exploits0References3
NVD
NVD
added 2025/05/03 3:15 a.m.14 views

CVE-2025-4198

The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the 'alink-tap' page. This makes it possible for unauthenticated attackers to update settings and inject malicious we...

6.1CVSS0.00149EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/05/03 1:43 a.m.5 views

CVE-2025-4198 Alink Tap <= 1.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the 'alink-tap' page. This makes it possible for unauthenticated attackers to update settings and inject malicious we...

6.1CVSS6.5AI score0.00149EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/03 1:43 a.m.16 views

CVE-2025-4198 Alink Tap <= 1.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the 'alink-tap' page. This makes it possible for unauthenticated attackers to update settings and inject malicious we...

6.1CVSS0.00149EPSS
Exploits0References3
CVE
CVE
added 2025/05/03 1:43 a.m.62 views

CVE-2025-4198

CVE-2025-4198 – Alink Tap (WordPress) CSRF to Stored XSS . Affected: Alink Tap plugin for WordPress versions up to and including 1.3.1. Root cause: missing/incorrect nonce validation on the alink-tap page enables Cross-Site Request Forgery. Impact (per sources): unauthenticated attackers can upda...

6.1CVSS6AI score0.00149EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/03 12:0 a.m.5 views

PT-2025-18934 · WordPress · Alink Tap

Name of the Vulnerable Software and Affected Versions: Alink Tap plugin for WordPress versions up to, and including, 1.3.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the 'alink-tap' page. This allows unauthenticated attackers to...

6.1CVSS6.6AI score0.00149EPSS
Exploits0References8
Rows per page
Query Builder