EUVD-2025-17670

Malicious code in bioql PyPI...

WordPress Civi Framework plugin cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Civi Framework plugin that stems from the WEB application not adequately verifying that a request is from a...

CVE-2025-49511

Cross-Site Request Forgery CSRF vulnerability in uxper Civi Framework civi-framework allows Cross Site Request Forgery.This issue affects Civi Framework: from n/a through = 2.1.6...

CVE-2025-49511

Cross-Site Request Forgery CSRF vulnerability in uxper Civi Framework civi-framework allows Cross Site Request Forgery.This issue affects Civi Framework: from n/a through = 2.1.6...

CVE-2025-49511 WordPress Civi Framework plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) to User Deactivation vulnerability

Cross-Site Request Forgery CSRF vulnerability in uxper Civi Framework civi-framework allows Cross Site Request Forgery.This issue affects Civi Framework: from n/a through = 2.1.6...

CVE-2025-49511

CVE-2025-49511 : CSRF in Civi Framework (WordPress plugin) affects Civi Framework up to 2.1.6.x (CNVD lists 2.1.6.3). Root cause: insufficient verification of request origin leading to unauthorized actions. Exploitation details not provided in the documents. According to connected CNVD entry, pat...

CVE-2025-49511 WordPress Civi Framework plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) to User Deactivation vulnerability

Cross-Site Request Forgery CSRF vulnerability in uxper Civi Framework allows Cross Site Request Forgery.This issue affects Civi Framework: from n/a through 2.1.6...

WordPress plugin Civi Framework 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Civi Framework plugin that stems from the WEB application not adequately verifying that a request is from a...

PT-2025-24658 · Unknown · Civi Framework

Name of the Vulnerable Software and Affected Versions: Civi Framework versions 2.1.6 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF problem, which allows for Cross-Site Request Forgery. Recommendations: For versions 2.1.6 and earlier, update to a version later...

WordPress Civi Framework plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) to User Deactivation vulnerability

Cross Site Request Forgery CSRF to User Deactivation vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Civi Framework versions = 2.1.6...