8 matches found
EUVD-2022-42526
Malicious code in bioql PyPI...
EUVD-2023-23380
Malicious code in bioql PyPI...
EUVD-2022-24881
Malicious code in bioql PyPI...
CVE-2021-24784
The WP Admin Logo Changer WordPress plugin through 1.0 does not have a CSRF check when saving its settings, which could allow attackers to make a logged-in admin update them via a CSRF attack...
CVE-2024-6857
The WP MultiTasking WordPress plugin through 0.1.12 does not have a CSRF check when updating its Header, Footer and Body Script Settings, which could allow attackers to make logged-in admins perform such an action via a CSRF attack...
PT-2025-2012 · WordPress · Wp Projects Portfolio With Client Testimonials
Name of the Vulnerable Software and Affected Versions: WP Projects Portfolio with Client Testimonials WordPress plugin versions 3.0 and earlier Description: The issue concerns the lack of CSRF check in some places, as well as missing sanitisation and escaping, which could allow attackers to make...
PT-2024-37670 · WordPress · Light Poll Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: The Light Poll WordPress plugin versions through 1.0.0 Description: The issue concerns a lack of CSRF checks when deleting polls, which could allow attackers to make logged-in users perform such actions via a CSRF attack. Recommendations: For...
PT-2024-14998 · Wpblog · Wp Blogs' Planetarium Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: WP Blogs' Planetarium WordPress plugin versions 1.0 and earlier Description: The issue is related to the lack of a CSRF check when updating settings in the plugin, which could allow attackers to make a logged-in admin change them via a CSRF...