CVE-2025-12374

CVE-2025-12374 (User Verification by PickPlugins) affects WordPress plugin User Verification (versions ≤ 2.0.39). Root cause: authentication bypass due to improper validation of OTP generation in user_verification_form_wrap_process_otpLogin, allowing unauthenticated logins with a verified email (...

EUVD-2025-7840

Malicious code in bioql PyPI...

EUVD-2025-7839

Malicious code in bioql PyPI...

CVE-2025-28871

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Stored XSS.This issue affects Block Spam By Math Reloaded: from n/a through = 2.2.4...

CVE-2025-28872

Missing Authorization vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Block Spam By Math Reloaded: from n/a through = 2.2.4...

WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Block Spam By Math Reloaded versions = 2.2.4...

WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Block Spam By Math Reloaded versions = 2.2.4...

CVE-2025-28871

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Stored XSS.This issue affects Block Spam By Math Reloaded: from n/a through = 2.2.4...

CVE-2025-28872

Missing Authorization vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Block Spam By Math Reloaded: from n/a through = 2.2.4...

CVE-2025-28871

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jwpegram Block Spam By Math Reloaded allows Stored XSS. This issue affects Block Spam By Math Reloaded: from n/a through 2.2.4...

CVE-2025-28872

Missing Authorization vulnerability in jwpegram Block Spam By Math Reloaded allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Block Spam By Math Reloaded: from n/a through 2.2.4...

CVE-2025-28872

CVE-2025-28872 concerns Block Spam By Math Reloaded (WordPress plugin). The issue is Missing Authorization, allowing access to functionality not constrained by ACLs in versions up to 2.2.4. Public records (NVD, Red Hat, CVE, Patchstack) classify this as a high-severity vulnerability (CVSS v3.1 ba...

CVE-2025-28871

CVE-2025-28871: WordPress Block Spam By Math Reloaded plugin

CVE-2025-28871 WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Stored XSS.This issue affects Block Spam By Math Reloaded: from n/a through = 2.2.4...

CVE-2025-28871 WordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jwpegram Block Spam By Math Reloaded block-spam-by-math-reloaded allows Stored XSS.This issue affects Block Spam By Math Reloaded: from n/a through = 2.2.4...

WordPress plugin Block Spam By Math Reloaded 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an application plugin. A...

WordPress plugin Block Spam By Math Reloaded 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Block...

CVE-2022-39242 Incorrect Calculation in Frontier leads to inflated Ethereum chain gas prices

Frontier is an Ethereum compatibility layer for Substrate. Prior to commit d3beddc6911a559a3ecc9b3f08e153dbe37a8658, the worst case weight was always accounted as the block weight for all cases. In case of large EVM gas refunds, this can lead to block spamming attacks -- the adversary can constru...

Truemessenger - SMS Block Spam - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Truemessenger - SMS Block Spam published at the 'play' market has multiple vulnerabilities...

WordPress Block-Spam-By-Math-Reloaded Plugin Bypass

$Id: wordpressloginenum.rb 12196 2011-04-01 00:51:33Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...