WordPress Sertifier Certificate & Badge Maker plugin <= 1.19 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Sertifier Certificate & Badge Maker versions = 1.19...

CVE-2025-53214

Missing Authorization vulnerability in sertifier Sertifier Certificate & Badge Maker sertifier-certificates-open-badges allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sertifier Certificate & Badge Maker: from n/a through = 1.21...

CVE-2025-53214 WordPress Sertifier Certificate & Badge Maker plugin <= 1.21 - Broken Access Control Vulnerability

Missing Authorization vulnerability in sertifier Sertifier Certificate & Badge Maker sertifier-certificates-open-badges allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sertifier Certificate & Badge Maker: from n/a through = 1.21...

CVE-2025-7841 Sertifier Certificate & Badge Maker for WordPress – Tutor LMS <= 1.19 - Cross-Site Request Forgery to Settings Update

The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19. This is due to missing or incorrect nonce validation on the 'sertifiersettings' page. This makes it possible for...

PT-2025-34512 · WordPress · Sertifier Certificate & Badge Maker For Wordpress – Tutor Lms

Name of the Vulnerable Software and Affected Versions: Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin versions prior to 1.20 Description: The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin is susceptible to Cross-Site Request Forgery CSRF due to missing...

Malicious code in certificate-maker (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bedc0b3fd0aec2dd66eb32f404fb3a5b5d8dbc789cf8fb670813a460e0b9d891 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1861 Malicious code in certificate-maker (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bedc0b3fd0aec2dd66eb32f404fb3a5b5d8dbc789cf8fb670813a460e0b9d891 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...