5 matches found
CVE-2025-53277
Cross-Site Request Forgery CSRF vulnerability in Infigo Software IS-theme-companion weblizar-companion allows Object Injection.This issue affects IS-theme-companion: from n/a through = 1.59...
PT-2025-15945 · Unknown · Specia Companion +1
Name of the Vulnerable Software and Affected Versions: Specia Companion versions n/a through 4.6 Description: The issue is related to a Missing Authorization vulnerability in Specia Theme Specia Companion, which allows exploiting incorrectly configured access control security levels...
CVE-2025-30817
CVE-2025-30817 documents a Missing Authorization vulnerability in the WordPress plugin Z Companion (wpzita). Affected versions are listed as from n/a through 1.0.13. Root cause is described as an Incorrectly Configured Access Control Security Levels, enabling unauthorized access due to Missing Au...
CVE-2019-16326
D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented. A remote attacker could exploit this in conjunction with CVE-2019-16327 to enable remote router management and device compromise. NOTE: this is an end-of-life product...
PT-2014-2868 · D Link · D-Link Dir-505L Shareport Mobile Companion +1
Name of the Vulnerable Software and Affected Versions: D-Link DIR-505L SharePort Mobile Companion version 1.01 D-Link DIR-826L Wireless N600 Cloud Router version 1.02 Description: The issue allows remote attackers to bypass authentication via a direct request when an authorized session is active...