5 matches found
EUVD-2025-17171
Malicious code in bioql PyPI...
CVE-2025-28964
Cross-Site Request Forgery CSRF vulnerability in mangup Personal Favicon personal-favicon allows Stored XSS.This issue affects Personal Favicon: from n/a through = 2.0...
CVE-2025-28964
Cross-Site Request Forgery CSRF vulnerability in mangup Personal Favicon personal-favicon allows Stored XSS.This issue affects Personal Favicon: from n/a through = 2.0...
CVE-2025-28964
CVE-2025-28964 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Personal Favicon , which enables a Stored XSS condition. Affected: Personal Favicon, potentially up to version 2.0 (no lower bound provided). The CVSS 3.1 metrics indicate a base score of 7.1 (High)...
PT-2025-24127 · Unknown · Mangup Personal Favicon
Name of the Vulnerable Software and Affected Versions: mangup Personal Favicon versions n/a through 2.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application...