3 matches found
CVE-2025-4198
creationtimestamp| type| source ---|---|--- 2025-05-03 03:26:53+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loafejza3l42 2025-05-03 06:05:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loaob3fxq324 2025-05-03...
CVE-2025-4198
The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the 'alink-tap' page. This makes it possible for unauthenticated attackers to update settings and inject malicious we...
WordPress Alink Tap plugin <= 1.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Alink Tap versions = 1.3.1...