5 matches found
EUVD-2022-36244
Malicious code in bioql PyPI...
CVE-2025-7841
The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19. This is due to missing or incorrect nonce validation on the 'sertifiersettings' page. This makes it possible for...
CVE-2022-30290
In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their registered e-mail address as well as their API key, even though such action is not possible through...
Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in MailerLite – Signup forms official plugin <= 1.5.7 at WordPress allows an attacker to change the API key...
PT-2022-21738 · WordPress · Mailerlite – Signup Forms Plugin
Name of the Vulnerable Software and Affected Versions: MailerLite – Signup forms plugin versions 1.5.7 and earlier. Description: A Cross-Site Request Forgery (CSRF) issue allows an attacker to change the API key. This can be exploited by an attacker to make unauthorized changes. Recommendations: For...