Lucene search
K

171 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.8 views

CVE-2022-0345

The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have authorisation and CSRF check in its bnfwsearchusers AJAX action, allowing any authenticated users to call it and query for user e-mail prefixes finding the first letter, then the second one, then the third one...

4.3CVSS6.6AI score0.00423EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.7 views

CVE-2023-49153

Cross-Site Request Forgery CSRF vulnerability in Saiful Islam Add to Cart Text Changer and Customize Button, Add Custom Icon.This issue affects Add to Cart Text Changer and Customize Button, Add Custom Icon: from n/a through 2.0...

8.8CVSS8.5AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-2379

Malware in sbrugna...

5CVSS6.2AI score0.09108EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7582

Malware in sbrugna...

5.4CVSS5.6AI score0.00618EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-23511

Malware in sbrugna...

4.8CVSS5.1AI score0.00723EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-20525

Malware in sbrugna...

5.4CVSS5.5AI score0.01318EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/10/06 7:16 a.m.6 views

CVE-2025-8669

The Customify theme for WordPress is vulnerable to Cross-Site Request Forgery in version 0.4.11. This is due to missing or incorrect nonce validation on the resetcustomizesection function. This makes it possible for unauthenticated attackers to reset theme customization settings via a forged...

4.3CVSS5.8AI score0.00157EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-10656

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00211EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-32258

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00157EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-56090

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00263EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-12022

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00273EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12026

Malicious code in bioql PyPI...

5.9CVSS6.9AI score0.00225EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-52838

Malicious code in bioql PyPI...

4.8CVSS5.5AI score0.00326EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-53158

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00288EPSS
Exploits0References1
NVD
NVD
added 2025/10/03 12:15 p.m.25 views

CVE-2025-8669

The Customify theme for WordPress is vulnerable to Cross-Site Request Forgery in version 0.4.11. This is due to missing or incorrect nonce validation on the resetcustomizesection function. This makes it possible for unauthenticated attackers to reset theme customization settings via a forged...

4.3CVSS0.00157EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/03 11:17 a.m.4 views

CVE-2025-8669 Customify <= 0.4.11 - Cross-Site Request Forgery

The Customify theme for WordPress is vulnerable to Cross-Site Request Forgery in version 0.4.11. This is due to missing or incorrect nonce validation on the resetcustomizesection function. This makes it possible for unauthenticated attackers to reset theme customization settings via a forged...

4.3CVSS5.3AI score0.00157EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/03 11:17 a.m.9 views

CVE-2025-8669 Customify <= 0.4.11 - Cross-Site Request Forgery

The Customify theme for WordPress is vulnerable to Cross-Site Request Forgery in version 0.4.11. This is due to missing or incorrect nonce validation on the resetcustomizesection function. This makes it possible for unauthenticated attackers to reset theme customization settings via a forged...

4.3CVSS0.00157EPSS
Exploits0References4
CVE
CVE
added 2025/10/03 11:17 a.m.21 views

CVE-2025-8669

CVE-2025-8669 affects the WordPress Customify theme up to version 0.4.11. The issue is a Cross-Site Request Forgery (CSRF) in the reset_customize_section function caused by missing/incorrect nonce validation, allowing unauthenticated attackers to reset theme customization settings via forged requ...

4.3CVSS5.3AI score0.00157EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/03 12:0 a.m.12 views

PT-2025-40478

Name of the Vulnerable Software and Affected Versions Customify theme for WordPress version 0.4.11 Description The software is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation in the reset customize section function. This allows unauthenticated attackers to...

4.3CVSS6.4AI score0.00157EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/09/05 1:45 p.m.13 views

CVE-2025-58825 WordPress Comment Form WP – Customize Default Comment Form plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Habibur Rahman Comment Form WP – Customize Default Comment Form comment-form-wp allows Stored XSS.This issue affects Comment Form WP – Customize Default Comment Form: from n/a through = 2.0.1...

5.9CVSS0.0021EPSS
Exploits0References1
Rows per page
Query Builder