47 matches found
EUVD-2025-10604
Malicious code in bioql PyPI...
EUVD-2024-31867
Malicious code in bioql PyPI...
CVE-2024-3277
The Yumpu ePaper publishing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxhandler function in all versions up to, and including, 2.0.24. This makes it possible for authenticated attackers, with subscriber-level access and abov...
CVE-2025-32502
Cross-Site Request Forgery CSRF vulnerability in lemmentwickler ePaper Lister for Yumpu magazine-lister-for-yumpu allows Stored XSS.This issue affects ePaper Lister for Yumpu: from n/a through = 1.4.0...
CVE-2025-32502
Cross-Site Request Forgery CSRF vulnerability in lemmentwickler ePaper Lister for Yumpu magazine-lister-for-yumpu allows Stored XSS.This issue affects ePaper Lister for Yumpu: from n/a through = 1.4.0...
CVE-2025-32502
CVE-2025-32502 is a CSRF-triggered Stored XSS vulnerability in the WordPress plugin ePaper Lister for Yumpu . According to the connected Wordfence vulnerability report, the issue affects the plugin up to version 1.4.0 and is currently unpatched . The vulnerability arises when an attacker abuses C...
CVE-2025-32502 WordPress ePaper Lister for Yumpu plugin <= 1.4.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in lemmentwickler ePaper Lister for Yumpu magazine-lister-for-yumpu allows Stored XSS.This issue affects ePaper Lister for Yumpu: from n/a through = 1.4.0...
CVE-2025-32502 WordPress ePaper Lister for Yumpu plugin <= 1.4.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in lemmentwickler ePaper Lister for Yumpu magazine-lister-for-yumpu allows Stored XSS.This issue affects ePaper Lister for Yumpu: from n/a through = 1.4.0...
WordPress ePaper Lister for Yumpu plugin <= 1.4.0 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin ePaper Lister for Yumpu versions = 1.4.0...
PT-2025-15781 · Yumpu · Epaper Lister For Yumpu
Name of the Vulnerable Software and Affected Versions: ePaper Lister for Yumpu versions 1.4.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on the web...
WordPress plugin ePaper Lister for Yumpu 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress Yumpu E-Paper publishing plugin <= 3.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by yudha in WordPress Plugin Yumpu ePaper publishing versions = 3.0.8...
PT-2024-17382 · Unknown · Corporate Training Management System
Name of the Vulnerable Software and Affected Versions: Corporate Training Management System versions prior to 10.13 Description: A vulnerability in the epaper draft function of the Corporate Training Management System allows remote authenticated users to bypass file upload restrictions and execut...
CVE-2024-3277
The Yumpu ePaper publishing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxhandler function in all versions up to, and including, 2.0.24. This makes it possible for authenticated attackers, with subscriber-level access and abov...
CVE-2024-3277 Yumpu ePaper publishing <= 2.0.24 - Missing Authorization to PDF Upload, Publishing, and API Key Modification
The Yumpu ePaper publishing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxhandler function in all versions up to, and including, 2.0.24. This makes it possible for authenticated attackers, with subscriber-level access and abov...
CVE-2024-3277 Yumpu ePaper publishing <= 2.0.24 - Missing Authorization to PDF Upload, Publishing, and API Key Modification
The Yumpu ePaper publishing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxhandler function in all versions up to, and including, 2.0.24. This makes it possible for authenticated attackers, with subscriber-level access and abov...
CVE-2024-3277
CVE-2024-3277 affects the WordPress plugin “Yumpu ePaper publishing” (versions
WordPress plugin Yumpu ePaper publishing 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-24841 · WordPress · Yumpu Epaper Publishing Plugin
Name of the Vulnerable Software and Affected Versions: Yumpu ePaper publishing plugin for WordPress version 2.0.24 and earlier Description: The issue allows authenticated attackers with subscriber-level access and above to upload PDF files, publish them, and modify the API key due to a missing...
WordPress Yumpu ePaper publishing plugin <= 2.0.24 - Missing Authorization to PDF Upload, Publishing, and API Key Modification vulnerability
Missing Authorization to PDF Upload, Publishing, and API Key Modification vulnerability discovered by Lucio Sá in WordPress Plugin Yumpu ePaper publishing versions = 2.0.24...