1117 matches found
EUVD-2021-29329
Malicious code in bioql PyPI...
EUVD-2023-33593
Malicious code in bioql PyPI...
EUVD-2024-48322
Malicious code in bioql PyPI...
EUVD-2025-31411
Malicious code in bioql PyPI...
EUVD-2025-24541
Malicious code in bioql PyPI...
EUVD-2022-35098
Malicious code in bioql PyPI...
EUVD-2025-24542
Malicious code in bioql PyPI...
EUVD-2025-4726
Malicious code in bioql PyPI...
EUVD-2025-28787
Malicious code in bioql PyPI...
CVE-2025-9897
The AP Background plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.2. This is due to missing or incorrect nonce validation on the advParallaxBackAdminSaveSlider function. This makes it possible for unauthenticated attackers to create or...
CVE-2025-9630
The WP SinoType plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the sinotypeconfig function. This makes it possible for unauthenticated attackers to modify typography settings via a...
CVE-2025-10309
The PayPal Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing nonce validation on the form creation and management functions. This makes it possible for unauthenticated attackers to create new PayPal forms and...
CVE-2025-9897 AP Background <= 3.8.2 - Cross-Site Request Forgery
The AP Background plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.2. This is due to missing or incorrect nonce validation on the advParallaxBackAdminSaveSlider function. This makes it possible for unauthenticated attackers to create or...
CVE-2025-9895 Notification Bar <= 2.2 - Cross-Site Request Forgery
The Notification Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the 'subscriber-list-empty.php' file. This makes it possible for unauthenticated attackers to empty the subscrib...
CVE-2025-9895
CVE-2025-9895 : The WordPress plugin Notification Bar (versions
CVE-2025-9630
The CVE concerns WP SinoType (WordPress) plugin vulnerable to Cross-Site Forgery (CSRF) in versions ≤ 1.0 due to missing/incorrect nonce validation in sinotype_config, enabling unauthenticated attackers to modify typography settings if a site admin is tricked. Public details confirm affected soft...
CVE-2025-9889 ContentMX Content Publisher <= 1.0.6 - Cross-Site Request Forgery
The ContentMX Content Publisher plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.6. This is due to missing or incorrect nonce validation on the cmxactivateconnection function. This makes it possible for unauthenticated attackers to bind...
CVE-2025-9889
CVE-2025-9889 : WordPress ContentMX Content Publisher plugin
CVE-2025-9630 WP SinoType <= 1.0 - Cross-Site Request Forgery
The WP SinoType plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the sinotypeconfig function. This makes it possible for unauthenticated attackers to modify typography settings via a...
CVE-2025-9630 WP SinoType <= 1.0 - Cross-Site Request Forgery
The WP SinoType plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the sinotypeconfig function. This makes it possible for unauthenticated attackers to modify typography settings via a...