9 matches found
EUVD-2025-203225
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
CVE-2025-14462
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
CVE-2025-14462 Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
CVE-2025-14462 Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
CVE-2025-14462
The CVE-2025-14462 issue affects the Lucky Draw Contests plugin for WordPress (versions
WordPress Lucky Draw Contests plugin <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability
Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Lucky Draw Contests versions = 4.2...
PT-2025-51076
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
WordPress plugin Lucky Draw Contests 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
Speedmaster Mom and Pop App has SMS Bombing Vulnerability
Speed Maternity App is a shopping application platform for maternity and baby products. There is an SMS bombing vulnerability in the lucky draw section of the Speed Maternity and Baby APP, where an attacker can obtain a specified prize by modifying the function of the prize ID, and consume server...