WordPress Discussion Board plugin <= 2.5.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Discussion Board versions = 2.5.7...

EUVD-2025-2895

Malicious code in bioql PyPI...

EUVD-2024-53017

Malicious code in bioql PyPI...

EUVD-2023-40469

Malicious code in bioql PyPI...

CVE-2024-56219

Missing Authorization vulnerability in Marketing Fire Widget Options widget-options allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widget Options: from n/a through = 4.0.6.1...

CVE-2023-36520

Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12...

CVE-2025-22630

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Marketing Fire Widget Options widget-options allows OS Command Injection.This issue affects Widget Options: from n/a through = 4.1.0...

CVE-2025-22630

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Marketing Fire Widget Options widget-options allows OS Command Injection.This issue affects Widget Options: from n/a through = 4.1.0...

CVE-2025-22630

CVE-2025-22630 concerns the WordPress plugin Widget Options. The vulnerability is a Command Injection (improper neutralization of special elements) that allows OS Command Injection and potentially Arbitrary Code Execution. Affected software: Widget Options versions

PT-2025-6951 · Unknown · Marketingfire Widget Options

Name of the Vulnerable Software and Affected Versions: MarketingFire Widget Options versions n/a through 4.1.0 Description: The issue is related to an Improper Neutralization of Special Elements used in a Command, also known as a Command Injection vulnerability, in MarketingFire Widget Options...

CVE-2024-56219

Missing Authorization vulnerability in Marketing Fire Widget Options widget-options allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widget Options: from n/a through = 4.0.6.1...

CVE-2024-56219

Missing Authorization vulnerability in MarketingFire Widget Options allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widget Options: from n/a through 4.0.6.1...

CVE-2023-36520

Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12...

CVE-2023-36520

Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12...

Authorization

Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12...

CVE-2023-36520

CVE-2023-36520 affects the WordPress Editorial Calendar plugin up to version 3.7.12. Affected: Editorial Calendar plugin for WordPress. What’s at issue: Insecure Direct Object References (IDOR) enabling an authorization bypass via a user-controlled key, as documented by Patchstack and CVE records...

CVE-2023-36520 WordPress Editorial Calendar Plugin <= 3.7.12 is vulnerable to Insecure Direct Object References (IDOR)

Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12...

PT-2023-25607 · Unknown · Marketingfire Editorial Calendar

Name of the Vulnerable Software and Affected Versions: MarketingFire Editorial Calendar versions 3.7.12 and earlier Description: The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar. Recommendations: For versions 3.7.12 and...