4 matches found
CVE-2025-9374
The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to import tags granted they can...
CVE-2025-9374 Ultimate Tag Warrior Importer <= 0.2 - Cross-Site Request Forgery
The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to import tags granted they can...
PT-2025-35190
Name of the Vulnerable Software and Affected Versions: The Ultimate Tag Warrior Importer plugin for WordPress versions prior to 0.3 Description: The Ultimate Tag Warrior Importer plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on a...
CVE-2018-12976
In Go Doc Dot Org gddo through 2018-06-27, an attacker could use specially crafted tags in packages being fetched by gddo to cause a directory traversal and remote code execution...