6 matches found
EUVD-2025-3005
Malicious code in bioql PyPI...
EUVD-2023-12551
Malicious code in bioql PyPI...
CVE-2023-0503
The Free WooCommerce Theme 99fy Extension WordPress plugin before 1.2.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2025-22801
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes Free WooCommerce Theme 99fy Extension 99fy-core allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through = 1.2.8...
CVE-2023-0503
The Free WooCommerce Theme 99fy Extension WordPress plugin before 1.2.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
PT-2023-16315 · WordPress · The Free Woocommerce Theme 99Fy Extension
Name of the Vulnerable Software and Affected Versions: The Free WooCommerce Theme 99fy Extension WordPress plugin versions prior to 1.2.8 Description: The issue concerns a lack of CSRF check when activating plugins, which could allow attackers to make logged-in admins activate arbitrary plugins...