171 matches found
CVE-2022-0345
The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have authorisation and CSRF check in its bnfwsearchusers AJAX action, allowing any authenticated users to call it and query for user e-mail prefixes finding the first letter, then the second one, then the third one...
CVE-2023-49153
Cross-Site Request Forgery CSRF vulnerability in Saiful Islam Add to Cart Text Changer and Customize Button, Add Custom Icon.This issue affects Add to Cart Text Changer and Customize Button, Add Custom Icon: from n/a through 2.0...
EUVD-2005-2379
Malware in sbrugna...
EUVD-2019-7582
Malware in sbrugna...
EUVD-2020-23511
Malware in sbrugna...
EUVD-2021-20525
Malware in sbrugna...
CVE-2025-8669
The Customify theme for WordPress is vulnerable to Cross-Site Request Forgery in version 0.4.11. This is due to missing or incorrect nonce validation on the resetcustomizesection function. This makes it possible for unauthenticated attackers to reset theme customization settings via a forged...
EUVD-2025-10656
Malicious code in bioql PyPI...
EUVD-2025-32258
Malicious code in bioql PyPI...
EUVD-2023-56090
Malicious code in bioql PyPI...
EUVD-2025-12022
Malicious code in bioql PyPI...
EUVD-2025-12026
Malicious code in bioql PyPI...
EUVD-2024-52838
Malicious code in bioql PyPI...
EUVD-2023-53158
Malicious code in bioql PyPI...
CVE-2025-8669
The Customify theme for WordPress is vulnerable to Cross-Site Request Forgery in version 0.4.11. This is due to missing or incorrect nonce validation on the resetcustomizesection function. This makes it possible for unauthenticated attackers to reset theme customization settings via a forged...
CVE-2025-8669 Customify <= 0.4.11 - Cross-Site Request Forgery
The Customify theme for WordPress is vulnerable to Cross-Site Request Forgery in version 0.4.11. This is due to missing or incorrect nonce validation on the resetcustomizesection function. This makes it possible for unauthenticated attackers to reset theme customization settings via a forged...
CVE-2025-8669 Customify <= 0.4.11 - Cross-Site Request Forgery
The Customify theme for WordPress is vulnerable to Cross-Site Request Forgery in version 0.4.11. This is due to missing or incorrect nonce validation on the resetcustomizesection function. This makes it possible for unauthenticated attackers to reset theme customization settings via a forged...
CVE-2025-8669
CVE-2025-8669 affects the WordPress Customify theme up to version 0.4.11. The issue is a Cross-Site Request Forgery (CSRF) in the reset_customize_section function caused by missing/incorrect nonce validation, allowing unauthenticated attackers to reset theme customization settings via forged requ...
PT-2025-40478
Name of the Vulnerable Software and Affected Versions Customify theme for WordPress version 0.4.11 Description The software is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation in the reset customize section function. This allows unauthenticated attackers to...
CVE-2025-58825 WordPress Comment Form WP – Customize Default Comment Form plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Habibur Rahman Comment Form WP – Customize Default Comment Form comment-form-wp allows Stored XSS.This issue affects Comment Form WP – Customize Default Comment Form: from n/a through = 2.0.1...