10 matches found
EUVD-2025-27672
Malicious code in bioql PyPI...
CVE-2025-9631
The AutoCatSet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.4. This is due to missing or incorrect nonce validation on the autocatsetajax function. This makes it possible for unauthenticated attackers to trigger automatic...
WordPress AutoCatSet Cross-Site Request Forgery Vulnerability
AutoCatSet is an automatic post categorization plugin for the WordPress platform. A cross-site request forgery vulnerability exists in AutoCatSet 2.1.4 and earlier versions, which stems from the autocatsetajax function not properly implementing a random number validation mechanism. An attacker ca...
CVE-2025-9631
The AutoCatSet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.4. This is due to missing or incorrect nonce validation on the autocatsetajax function. This makes it possible for unauthenticated attackers to trigger automatic...
CVE-2025-9631
AutoCatSet (WordPress) is affected by a Cross-Site Request Forgery in all versions up to 2.1.4. The root cause is missing or incorrect nonce validation in the autocatset_ajax function, enabling unauthenticated attackers to trigger automatic recategorization of posts via forged requests that trick...
CVE-2025-9631 AutoCatSet <= 2.1.4 - Cross-Site Request Forgery
The AutoCatSet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.4. This is due to missing or incorrect nonce validation on the autocatsetajax function. This makes it possible for unauthenticated attackers to trigger automatic...
CVE-2025-9631 AutoCatSet <= 2.1.4 - Cross-Site Request Forgery
The AutoCatSet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.4. This is due to missing or incorrect nonce validation on the autocatsetajax function. This makes it possible for unauthenticated attackers to trigger automatic...
WordPress AutoCatSet plugin <= 2.1.4 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin AutoCatSet versions = 2.1.4...
PT-2025-37149
The AutoCatSet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.4. This is due to missing or incorrect nonce validation on the autocatset ajax function. This makes it possible for unauthenticated attackers to trigger automatic...
WordPress plugin AutoCatSet 跨站请求伪造漏洞
AutoCatSet is an automatic post categorization plugin for the WordPress platform. A cross-site request forgery vulnerability exists in AutoCatSet 2.1.4 and earlier versions, which stems from the autocatsetajax function not properly implementing a random number validation mechanism. An attacker ca...