4 matches found
CVE-2025-12449
CVE-2025-12449 (aBlocks – Gutenberg Blocks, WordPress Plugin) The vulnerability arises from missing capability checks on multiple AJAX actions in the aBlocks WordPress plugin (versions up to 2.4.0). This allows authenticated users with subscriber level access and above to modify data and disclose...
Absolute Secure Access 安全漏洞
Absolute Secure Access is an application from Absolute, Inc. to provide Secure Service Edge SSE optimized for hybrid and mobile working models. A security vulnerability exists in versions prior to Absolute Secure Access 13.56, which stems from a privilege bypass that could result in improperly...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Sitecom WLM-2501 allow remote attackers to hijack the authentication of administrators for requests that modify settings for 1 Mac Filtering via admin/formFilter, 2 IP/Port Filtering via formFilter, 3 Port Forwarding via formPortFw, 4...