5 matches found
CVE-2025-25146
Cross-Site Request Forgery CSRF vulnerability in saleandro Songkick Concerts and Festivals songkick-concerts-and-festivals allows Cross Site Request Forgery.This issue affects Songkick Concerts and Festivals: from n/a through = 0.9.7...
CVE-2025-25146
creationtimestamp| type| source ---|---|--- 2025-02-07 10:17:40+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhleplx6pi2x 2025-02-07 12:53:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lhlngvafqv2a 2025-02-07 13:00:54+00:00| seen|...
CVE-2025-25146 WordPress Songkick Concerts and Festivals plugin <= 0.9.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in saleandro Songkick Concerts and Festivals allows Cross Site Request Forgery. This issue affects Songkick Concerts and Festivals: from n/a through 0.9.7...
CVE-2025-25146
CVE-2025-25146 arises from a CSRF flaw in the WordPress plugin Songkick Concerts and Festivals (vendor: saleandro) affecting versions up to 0.9.7 . The vulnerability permits unauthorized actions to be performed on behalf of authenticated users by exploiting cross-site requests. The CVE entry list...
CVE-2025-25146 WordPress Songkick Concerts and Festivals plugin <= 0.9.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in saleandro Songkick Concerts and Festivals songkick-concerts-and-festivals allows Cross Site Request Forgery.This issue affects Songkick Concerts and Festivals: from n/a through = 0.9.7...