EUVD-2025-3182

Malicious code in bioql PyPI...

EUVD-2022-25108

Malicious code in bioql PyPI...

CVE-2022-1832

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

CVE-2025-23436

Cross-Site Request Forgery CSRF vulnerability in capa Wp-Scribd-List wp-scribd-list allows Stored XSS.This issue affects Wp-Scribd-List: from n/a through = 1.2...

CVE-2025-23436

Cross-Site Request Forgery CSRF vulnerability in capa Wp-Scribd-List wp-scribd-list allows Stored XSS.This issue affects Wp-Scribd-List: from n/a through = 1.2...

CVE-2025-23436

CVE-2025-23436 describes a CSRF-to-Stored XSS in the WordPress plugin Wp-Scribd-List (vulnerable through 1.2). Exploitation, per the CVSS metrics, requires user interaction and can impact confidentiality, integrity, and availability. Affected software: Wp-Scribd-List

CVE-2025-23436 WordPress Wp-Scribd-List plugin <= 1.2 - CSRF to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in capa Wp-Scribd-List wp-scribd-list allows Stored XSS.This issue affects Wp-Scribd-List: from n/a through = 1.2...

amigosdelacapadesevilla.com Improper Access Control vulnerability OBB-3791839

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

capa-elec.com Cross Site Scripting vulnerability OBB-3753799

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2023-22841 · Rild · Rild

Name of the Vulnerable Software and Affected Versions: RILD versions prior to SMR Jul-2023 Release 1 Description: A heap out of bound write issue in the IpcRxUsimPhoneBookCapa of RILD allows attackers to execute arbitrary code. Recommendations: For versions prior to SMR Jul-2023 Release 1, update...

WordPress CaPa Protect plugin cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress CaPa Protect plugin is vulnerable to cross-site request forgery, which stems from the failu...

CVE-2022-1832

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

CVE-2022-1832

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

CVE-2022-1832

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

Cross site request forgery (csrf)

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

CVE-2022-1832

The CVE-2022-1832 entry concerns the CaPa Protect WordPress plugin (versions up to 0.5.8.2). The vulnerability arises from a missing CSRF check when updating settings, enabling a logged-in attacker to coerce an admin into changing settings and potentially disable the protection. Exploitation is v...

CVE-2022-1832 CaPa Protect <= 0.5.8.2 - Arbitrary Settings Update via CSRF

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

WordPress plugin CaPa Protect 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress CaPa Protect plugin is vulnerable to cross-site request forgery, which stems from the failu...

CaPa Protect <= 0.5.8.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection. HTMLFormElement.prototype.submit.call document.getElementById"test" ;...

WordPress CaPa Protect plugin <= 0.5.8.2 - Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Settings Update via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress CaPa Protect plugin versions = 0.5.8.2. Solution Deactivate and delete. This plugin has been closed as of May 23, 2022 and is not available for download. This closure is temporary,...