15 matches found
CVE-2025-1909
The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...
EUVD-2025-1984
Malicious code in bioql PyPI...
EUVD-2025-13435
Malicious code in bioql PyPI...
CVE-2025-1909
The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...
CVE-2025-1909 BuddyBoss Platform Pro <= 2.7.01 - Authentication Bypass via Apple OAuth provider
The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...
CVE-2025-1909 BuddyBoss Platform Pro <= 2.7.01 - Authentication Bypass via Apple OAuth provider
The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...
WordPress plugin BuddyBoss Platform Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
PT-2025-19790
Name of the Vulnerable Software and Affected Versions BuddyBoss Platform Pro plugin for WordPress versions up to, and including, 2.7.01 Description The issue is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes i...
Malicious code in apple-oauth (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-1733 Malicious code in apple-oauth (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2025-1061
The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...
CVE-2025-1061 Nextend Social Login Pro <= 3.1.16 - Authentication Bypass via Apple OAuth provider
The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...
CVE-2025-1061
CVE-2025-1061 (Nextend Social Login Pro, WordPress) is an authentication bypass vulnerability in versions up to and including 3.1.16 caused by insufficient verification of the user during the Apple OAuth authenticate request. This allows unauthenticated attackers to log in as an existing user (e....
CVE-2025-1061 Nextend Social Login Pro <= 3.1.16 - Authentication Bypass via Apple OAuth provider
The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for...
WordPress Nextend Social Login Pro plugin <= 3.1.16 - Authentication Bypass via Apple OAuth provider vulnerability
Authentication Bypass via Apple OAuth provider vulnerability discovered by István Márton in WordPress Plugin Nextend Social Login Pro versions = 3.1.16...