CVE-2024-34806

Cross-Site Request Forgery CSRF vulnerability in Creative Motion Clearfy Cache.This issue affects Clearfy Cache: from n/a through 2.2.1...

EUVD-2024-46001

Malicious code in bioql PyPI...

EUVD-2024-31345

Malicious code in bioql PyPI...

EUVD-2024-35509

Malicious code in bioql PyPI...

EUVD-2024-40049

Malicious code in bioql PyPI...

EUVD-2024-37570

Malicious code in bioql PyPI...

CVE-2024-43260

Missing Authorization vulnerability in Creative Motion Clearfy Cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clearfy Cache: from n/a through 2.2.4...

CVE-2024-52420

Cross-Site Request Forgery CSRF vulnerability in Themeisle Disable Admin Notices individually disable-admin-notices allows Cross Site Request Forgery.This issue affects Disable Admin Notices individually: from n/a through = 1.4.0...

CVE-2024-33629

Server-Side Request Forgery SSRF vulnerability in Creative Motion Auto Featured Image Auto Post Thumbnail.This issue affects Auto Featured Image Auto Post Thumbnail: from n/a through 4.0.0...

CVE-2024-43122

Missing Authorization vulnerability in Creative Motion Robin image optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Robin image optimizer: from n/a through 1.6.9...

CVE-2024-52420

Cross-Site Request Forgery CSRF vulnerability in Themeisle Disable Admin Notices individually disable-admin-notices allows Cross Site Request Forgery.This issue affects Disable Admin Notices individually: from n/a through = 1.4.0...

CVE-2024-52420

CVE-2024-52420 concerns a Cross-Site Request Forgery in the WordPress plugin Disable Admin Notices individually. The initial record specifies that the issue affects plugin versions up to 1.3.5, and multiple connected sources corroborate a CSRF vulnerability in this plugin. Patchstack and related ...

CVE-2024-38719

CVE-2024-38719 is a real, publicly documented vulnerability affecting the WordPress plugin Creative Motion Auto Featured Image (Auto Post Thumbnail) up to version 4.1.2 . The root cause is a Missing/Incorrectly Configured Authorization that allows exploitation of access control weaknesses in the ...

CVE-2024-43122 WordPress Robin image optimizer plugin <= 1.6.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Creative Motion Robin image optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Robin image optimizer: from n/a through 1.6.9...

CVE-2024-43122

CVE-2024-43122 describes a Missing Authorization (Broken/Incorrect Access Control) vulnerability in the Robin image optimizer WordPress plugin, affecting version 1.6.9 and earlier. The CVE notes that exploitation requires Network access with Low attack complexity and Low privileges, with potentia...

CVE-2024-43260

CVE-2024-43260 refers to a Missing Authorization vulnerability in the WordPress plugin Clearfy Cache. Public sources indicate affected versions up to 2.2.4 and describe an incorrectly configured access control that could enable unauthorized access. The provided connected documents do not specify ...

PT-2024-28213 · Creative Motion · Creativemotion Titan Anti-Spam & Security

Name of the Vulnerable Software and Affected Versions: CreativeMotion Titan Anti-spam & Security versions n/a through 7.3.6 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: F...

PT-2024-28164 · Creative Motion · Creative Motion Auto Featured Image

Name of the Vulnerable Software and Affected Versions: Creative Motion Auto Featured Image Auto Post Thumbnail versions 4.1.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels...

PT-2024-30310 · Unknown · Creative Motion Robin

Name of the Vulnerable Software and Affected Versions: Creative Motion Robin image optimizer versions 1.6.9 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For...

CVE-2024-35751

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through 2.4.10...