19 matches found
EUVD-2024-54444
Malicious code in bioql PyPI...
EUVD-2023-56190
Malicious code in bioql PyPI...
EUVD-2024-36586
Malicious code in bioql PyPI...
CVE-2024-37925
Cross-Site Request Forgery (CSRF) vulnerability in BUDDYBOSS LLC BuddyBoss Theme allows Cross Site Request Forgery. This issue affects BuddyBoss Theme: from n/a through 2.4.61...
CVE-2023-51477
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects BuddyBoss Theme: from n/a through 2.4.60...
CVE-2024-37925
Cross-Site Request Forgery (CSRF) vulnerability in BUDDYBOSS LLC BuddyBoss Theme allows Cross Site Request Forgery. This issue affects BuddyBoss Theme: from n/a through 2.4.61...
CVE-2024-37925 WordPress BuddyBoss Theme theme <= 2.4.61 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in BUDDYBOSS LLC BuddyBoss Theme allows Cross Site Request Forgery. This issue affects BuddyBoss Theme: from n/a through 2.4.61...
CVE-2024-37925 WordPress BuddyBoss Theme theme <= 2.4.61 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in BUDDYBOSS LLC BuddyBoss Theme allows Cross Site Request Forgery. This issue affects BuddyBoss Theme: from n/a through 2.4.61...
CVE-2024-37925
CVE-2024-37925 is a CSRF vulnerability in BuddyBoss Theme (BuddyBoss Theme) affecting versions up to 2.4.61. The connected sources confirm Cross-Site Request Forgery as the issue and identify BuddyBoss Theme as the affected product; no publicly documented exploit details or patch/version that fix...
WordPress plugin BuddyBoss Theme cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A cross-site request forge...
WordPress BuddyBoss Theme theme <= 2.4.61 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Dave Jong Patchstack in WordPress Theme BuddyBoss Theme versions <= 2.4.61...
WordPress BuddyBoss Theme Theme <= 2.4.61 is vulnerable to Cross Site Request Forgery (CSRF)
Software: BuddyBoss Theme; Type: Theme; Vulnerable versions: <= 2.4.61; Fixed in: 2.5.01; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-37925; Patch priority: Low; CVSS severity: Low (5.4); PSID: 1439d00bd43a; Credits: Dave Jong Patchsta...
CVE-2023-51477
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects BuddyBoss Theme: from n/a through 2.4.60...
CVE-2023-51477 WordPress BuddyBoss Theme theme <= 2.4.60 - Unauth. Arbitrary WordPress Settings Change vulnerability
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects BuddyBoss Theme: from n/a through 2.4.60...
CVE-2023-51477 WordPress BuddyBoss Theme theme <= 2.4.60 - Unauth. Arbitrary WordPress Settings Change vulnerability
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects BuddyBoss Theme: from n/a through 2.4.60...
PT-2024-14136 · Unknown · Buddyboss Theme
Name of the Vulnerable Software and Affected Versions: BuddyBoss Theme versions 2.4.60 and earlier Description: The issue is related to an Improper Authentication vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 2.4.60 and earlier...
BuddyBoss Theme < 2.4.61 - Missing Authorization
Description: The BuddyBoss Theme theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on an unspecified function in all versions up to, and including, 2.4.60. This makes it possible for unauthenticated attackers to change the plugin's settings...
WordPress BuddyBoss Theme Theme <= 2.4.60 is vulnerable to Settings Change
Software: BuddyBoss Theme; Type: Theme; Vulnerable versions: <= 2.4.60; Fixed in: 2.4.61; OWASP Top 10: A1: Broken Access Control; Classification: Settings Change; CVE: CVE-2023-51477; Patch priority: High; CVSS severity: High (9.8); PSID: 91b38329ee46; Credits: Dave Jong Patchstack; Required...
VulnCheck KEV: CVE-2023-51477
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects BuddyBoss Theme: from n/a through 2.4.60...