238 matches found
CVE-2026-24384
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
CVE-2026-24384
CVE-2026-24384 is a CSRF vulnerability in the WordPress plugin Merge + Minify + Refresh (launchinteractive). Affected versions are from n/a through 2.14. Red Hat and CIRCL entries confirm the vulnerability and indicate a patch has been issued; public exploit details are not provided. No explicit ...
CVE-2026-24384 WordPress Merge + Minify + Refresh plugin <= 2.14 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
CVE-2026-24384 WordPress Merge + Minify + Refresh plugin <= 2.14 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
PT-2026-4268
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
WordPress plugin Merge + Minify + Refresh has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Merge + Minify + Refresh plugin <= 2.14 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Mrreee in WordPress Plugin Merge + Minify + Refresh versions = 2.14...
WordPress Add Expires Headers & Optimized Minify plugin <= 3.1.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Add Expires Headers & Optimized Minify versions = 3.1.0...
EUVD-2025-176220
Malicious code in star-private-minify-bad-compress npm...
Malicious code in xi-minify-bundle-sigma-query (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0d9afe7d7141055c0838ad1a3d5294b15a110475b4a168a1ba8da29c0f3f468 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in scale-compress-minify-wind-interface (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74cf00479e7cd2290e4a0ccc2c84047c9a059d424a668bd7c886f48e901c9c1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176305
Malicious code in socket-minify-export-catch-file npm...
EUVD-2025-177827
Malicious code in minify-report-compress-compress-process npm...
EUVD-2025-180143
Malicious code in bad-stub-key-fast-minify npm...
EUVD-2025-176329
Malicious code in small-bundle-function-minify-query npm...
EUVD-2025-176303
Malicious code in socket-sigma-minify-pipe-array npm...
EUVD-2025-177537
Malicious code in notify-beta-tree-mock-minify npm...
EUVD-2025-176422
Malicious code in serialize-minify-decompress-mu-cron npm...
EUVD-2025-178690
Malicious code in good-minify-private-container-object npm...
EUVD-2025-178037
Malicious code in log-delta-daemon-finally-minify npm...