Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-30305

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00124EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19622

Malicious code in bioql PyPI...

9.1CVSS6.3AI score0.02122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/22 7:33 a.m.14 views

CVE-2025-9887

The Custom Login And Signup Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation in the /frndzkadminclsw.php file. This makes it possible for unauthenticated attackers to change the...

4.3CVSS5.3AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 2025/09/20 7:15 a.m.3 views

CVE-2025-9887

The Custom Login And Signup Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation in the /frndzkadminclsw.php file. This makes it possible for unauthenticated attackers to change the...

4.3CVSS0.00124EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/20 12:0 a.m.1 views

WordPress plugin Custom Login And Signup Widget 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an...

4.3CVSS6AI score0.00124EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/20 12:0 a.m.4 views

PT-2025-38636

Name of the Vulnerable Software and Affected Versions Custom Login And Signup Widget versions prior to 1.0 Description The Custom Login And Signup Widget plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation in the /frndzk adminclsw.php fil...

4.3CVSS6.1AI score0.00124EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/01 1:27 p.m.6 views

CVE-2025-49029 WordPress Custom Login And Signup Widget plugin <= 1.0 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue affects Custom Login And Signup Widget: from n/a through 1.0...

9.1CVSS7.4AI score0.02122EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/07/01 12:0 a.m.2 views

WordPress Custom Login and Signup Widget 1.0 Remote Code Execution

WordPress Custom Login and Signup Widget plugin versions 1.0 and below suffer from a remote code execution vulnerability...

9.1CVSS7.9AI score0.02122EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/01 12:0 a.m.6 views

PT-2025-27528 · Unknown · Bitto.Kazi Custom Login/Signup Widget

Name of the Vulnerable Software and Affected Versions: bitto.Kazi Custom Login And Signup Widget versions 1.0 and earlier Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability, which allows Code Injection. This vulnerability can potentially...

9.1CVSS6.6AI score0.02122EPSS
Exploits0References8
Rows per page
Query Builder