41 matches found
EUVD-2025-4215
Malicious code in bioql PyPI...
EUVD-2024-48347
Malicious code in bioql PyPI...
EUVD-2025-31302
Malicious code in bioql PyPI...
EUVD-2024-30327
Malicious code in bioql PyPI...
CVE-2025-60098
Missing Authorization vulnerability in Jeff Farthing Theme My Login theme-my-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theme My Login: from n/a through = 7.1.12...
WordPress Theme My Login Plugin <= 7.1.12 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Psai in WordPress Plugin Theme My Login versions = 7.1.12...
CVE-2025-60098
Missing Authorization vulnerability in Jeff Farthing Theme My Login theme-my-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theme My Login: from n/a through = 7.1.12...
CVE-2025-60098 WordPress Theme My Login Plugin <= 7.1.12 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Jeff Farthing Theme My Login theme-my-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theme My Login: from n/a through = 7.1.12...
CVE-2025-60098 WordPress Theme My Login Plugin <= 7.1.12 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Jeff Farthing Theme My Login theme-my-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theme My Login: from n/a through = 7.1.12...
CVE-2025-60098
CVE-2025-60098 is a confirmed Missing Authorization vulnerability in the WordPress plugin Theme My Login , affecting versions up to 7.1.12. CVSS v3.1 base score 6.5 (Medium) with NETWORK attack vector, LOW complexity, no privileges required, and LOW impact on availability; impact primarily to con...
WordPress plugin Theme My Login security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-39545
Name of the Vulnerable Software and Affected Versions Theme My Login versions through 7.1.12 Description An authorization issue exists in Theme My Login, allowing exploitation of incorrectly configured access control security levels. Recommendations Update Theme My Login to a version later than...
CVE-2024-32525
Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: from n/a through 7.1.6...
CVE-2025-26547
Cross-Site Request Forgery CSRF vulnerability in nagarjunsonti My Login Logout Plugin my-loginlogout allows Stored XSS.This issue affects My Login Logout Plugin: from n/a through = 2.4...
CVE-2025-26547
Cross-Site Request Forgery CSRF vulnerability in nagarjunsonti My Login Logout Plugin my-loginlogout allows Stored XSS.This issue affects My Login Logout Plugin: from n/a through = 2.4...
CVE-2025-26547
CVE-2025-26547 describes a CSRF-based vulnerability in the WordPress plugin My Login Logout Plugin (versions n/a through 2.4) that enables Stored XSS. Underlying issue is CSRF allowing injected scripts to be stored and later executed by other users. Reported base CVSS v3.1 score is 7.1 (High) wit...
CVE-2025-26547 WordPress My Login Logout Plugin plugin <= 2.4 - CSRF to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery CSRF vulnerability in nagarjunsonti My Login Logout Plugin allows Stored XSS. This issue affects My Login Logout Plugin: from n/a through 2.4...
CVE-2025-26547 WordPress My Login Logout Plugin plugin <= 2.4 - CSRF to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery CSRF vulnerability in nagarjunsonti My Login Logout Plugin my-loginlogout allows Stored XSS.This issue affects My Login Logout Plugin: from n/a through = 2.4...
CVE-2024-7422
The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7. This is due to missing or incorrect nonce validation on the tmladminsavemssettings function. This makes it possible for unauthenticated attackers to update the theme's...
CVE-2024-7422 Theme My Login <= 7.1.7 - Cross-Site Request Forgery to Settings Update
The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7. This is due to missing or incorrect nonce validation on the tmladminsavemssettings function. This makes it possible for unauthenticated attackers to update the theme's...