8 matches found
PT-2025-46580
Name of the Vulnerable Software and Affected Versions: Braintree For WooCommerce versions up to and including 3.2.78. Description: The Payment Plugins Braintree For WooCommerce plugin for WordPress is susceptible to authorization bypass. This is caused by a missing capability check on the...
EUVD-2025-13666
Malicious code in bioql PyPI...
CVE-2023-1024
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the regenerateSitemaps function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to generate sitemaps...
CVE-2021-24278
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, unauthenticated users can use the wpcf7r_get_nonce AJAX action to retrieve a valid nonce for any WordPress action/function...
CVE-2025-3766
The Login Lockdown & Protection plugin for WordPress is vulnerable to unauthorized nonce access due to a missing capability check on the ajax_run_tool function in all versions up to, and including, 2.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...
CVE-2025-3766
The CVE-2025-3766 entry concerns WordPress Login Lockdown & Protection (
CVE-2023-1023
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to change...