EUVD-2025-25063

Malicious code in bioql PyPI...

CVE-2025-7668

The Linux Promotional Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the 'inux-promotional-plugin.php' page. This makes it possible for unauthenticated attackers to update...

CVE-2025-7668

The Linux Promotional Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the 'inux-promotional-plugin.php' page. This makes it possible for unauthenticated attackers to update...

CVE-2025-7668 Linux Promotional Plugin <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Linux Promotional Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the 'inux-promotional-plugin.php' page. This makes it possible for unauthenticated attackers to update...

CVE-2025-7668

CVE-2025-7668 — Linux Promotional Plugin for WordPress is a CSRF to Stored XSS vulnerability affecting all versions up to 1.4. The issue arises from missing or incorrect nonce validation on the plugin’s linux-promotional-plugin.php page, enabling unauthenticated attackers to update settings and i...

CVE-2025-7668 Linux Promotional Plugin <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Linux Promotional Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the 'inux-promotional-plugin.php' page. This makes it possible for unauthenticated attackers to update...

WordPress plugin Linux Promotional Plugin 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

PT-2025-33531 · WordPress · Linux Promotional Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Linux Promotional Plugin for WordPress versions up to and including 1.4 Description: The Linux Promotional Plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the...

WordPress Linux Promotional Plugin plugin <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Linux Promotional Plugin versions = 1.4...