Lucene search
K

9 matches found

EUVD
EUVD
added 2025/12/13 6:30 p.m.4 views

EUVD-2025-203225

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS4.9AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 2025/12/13 4:16 p.m.5 views

CVE-2025-14462

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS0.00112EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/13 4:31 a.m.4 views

CVE-2025-14462 Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS5AI score0.00112EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/13 4:31 a.m.25 views

CVE-2025-14462 Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS0.00112EPSS
Exploits0References2
CVE
CVE
added 2025/12/13 4:31 a.m.9 views

CVE-2025-14462

The CVE-2025-14462 issue affects the Lucky Draw Contests plugin for WordPress (versions

4.3CVSS5AI score0.00112EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/13 1:23 a.m.9 views

WordPress Lucky Draw Contests plugin <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Lucky Draw Contests versions = 4.2...

4.3CVSS6.8AI score0.00112EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/13 12:0 a.m.6 views

PT-2025-51076

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS5.3AI score0.00112EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.4 views

WordPress plugin Lucky Draw Contests 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.3AI score0.00112EPSS
Exploits0References3
CNVD
CNVD
added 2017/09/21 12:0 a.m.2 views

Speedmaster Mom and Pop App has SMS Bombing Vulnerability

Speed Maternity App is a shopping application platform for maternity and baby products. There is an SMS bombing vulnerability in the lucky draw section of the Speed Maternity and Baby APP, where an attacker can obtain a specified prize by modifying the function of the prize ID, and consume server...

6.8AI score
Exploits0
Rows per page
Query Builder