Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-10588

Malware in sbrugna...

6.5CVSS6.6AI score0.00725EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-42648

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00552EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-30333

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 12:55 a.m.11 views

CVE-2022-3240

The "Follow Me Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. This is due to missing nonce validation on the FollowMeIgniteSocialMediaoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin'...

8.8CVSS6.2AI score0.00552EPSS
Exploits1References1
NVD
NVD
added 2023/11/30 3:15 p.m.21 views

CVE-2023-40662

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jonk @ Follow me Darling Cookies and Content Security Policy.This issue affects Cookies and Content Security Policy: from n/a through 2.15...

7.5CVSS0.00552EPSS
Exploits0References1
NVD
NVD
added 2023/10/12 3:15 p.m.22 views

CVE-2023-41131

Cross-Site Request Forgery CSRF vulnerability in Jonk @ Follow me Darling Sptify Play Button for WordPress plugin = 2.10 versions...

8.8CVSS5.9AI score0.00214EPSS
Exploits0References1
Prion
Prion
added 2023/10/12 3:15 p.m.14 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Jonk @ Follow me Darling Sptify Play Button for WordPress plugin = 2.10 versions...

6.8CVSS8.8AI score0.00214EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/12 2:26 p.m.89 views

CVE-2023-41131

CVE-2023-41131 refers to a CSRF vulnerability in the WordPress plugin Sptify Play Button for WordPress (Jonk @ Follow me Darling Sp tify Play Button) affecting versions

8.8CVSS6.6AI score0.00214EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/12 2:26 p.m.31 views

CVE-2023-41131 WordPress Sp*tify Play Button for WordPress Plugin <= 2.10 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Jonk @ Follow me Darling Sptify Play Button for WordPress plugin = 2.10 versions...

4.3CVSS9.1AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/12 12:0 a.m.5 views

PT-2023-27815 · WordPress · Jonk @ Follow Me Darling Sp*Tify Play Button

Name of the Vulnerable Software and Affected Versions: Jonk @ Follow me Darling Sptify Play Button for WordPress plugin versions = 2.10 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performi...

8.8CVSS8.5AI score0.00214EPSS
Exploits0References4
NVD
NVD
added 2023/04/05 8:15 a.m.29 views

CVE-2023-26536

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Jonk @ Follow me Darling Sptify Play Button for WordPress plugin = 2.05 versions...

6.5CVSS6.1AI score0.0037EPSS
Exploits0References1
OSV
OSV
added 2023/04/05 8:15 a.m.4 views

CVE-2023-26536

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Jonk @ Follow me Darling Sptify Play Button for WordPress plugin = 2.05 versions...

5.4CVSS6.7AI score0.0037EPSS
Exploits0References1
Prion
Prion
added 2023/04/05 8:15 a.m.17 views

Cross site scripting

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Jonk @ Follow me Darling Sptify Play Button for WordPress plugin = 2.05 versions...

4.9CVSS5.3AI score0.0037EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/05 7:35 a.m.60 views

CVE-2023-26536

CVE-2023-26536 affects the WordPress plugin “Jonk @ Follow me Darling Sptify Play Button for WordPress” (Sp tify Play Button) up to version 2.05. The issue is an authenticated stored XSS via shortcode attributes (contributor+ required) that can output malicious scripts. Patch available in version...

6.5CVSS5.5AI score0.0037EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/11/15 2:15 p.m.25 views

CVE-2022-3240

The "Follow Me Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. This is due to missing nonce validation on the FollowMeIgniteSocialMediaoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin'...

8.8CVSS0.00552EPSS
Exploits1References3
OSV
OSV
added 2022/11/15 2:15 p.m.6 views

CVE-2022-3240

The "Follow Me Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. This is due to missing nonce validation on the FollowMeIgniteSocialMediaoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin'...

8.8CVSS5.6AI score0.00552EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/11/15 2:15 p.m.4 views

CVE-2022-3240

The "Follow Me Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. This is due to missing nonce validation on the FollowMeIgniteSocialMediaoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin'...

8.8CVSS7.2AI score0.00552EPSS
Exploits1References3
Prion
Prion
added 2022/11/15 2:15 p.m.16 views

Cross site request forgery (csrf)

The "Follow Me Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. This is due to missing nonce validation on the FollowMeIgniteSocialMediaoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin'...

6.8CVSS8.2AI score0.00552EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/11/15 1:25 p.m.55 views

CVE-2022-3240

The CVE-2022-3240 entry concerns WordPress plugin Follow Me Plugin (versions ≤ 3.1.1). Root cause: missing nonce validation on FollowMeIgniteSocialMedia_options_page() enables CSRF, allowing unauthenticated attackers to alter plugin settings and inject JavaScript; WPVulnDB also notes potential St...

8.8CVSS8.2AI score0.00552EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/11/15 1:25 p.m.30 views

CVE-2022-3240 Follow Me Plugin <= 3.1.1 - Cross-Site Request Forgery to Cross-Site Scripting

The "Follow Me Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. This is due to missing nonce validation on the FollowMeIgniteSocialMediaoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin'...

8.8CVSS8.5AI score0.00552EPSS
Exploits1References3
Rows per page
Query Builder