Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.11 views

CVE-2025-15611

The Popup Box WordPress plugin before 5.5.0 does not properly validate nonces in the addoreditpopupbox function before saving popup data, allowing unauthenticated attackers to perform Cross-Site Request Forgery attacks. When an authenticated admin visits a malicious page, the attacker can create ...

5.4CVSS5.6AI score0.00136EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-33979

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00265EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:19 p.m.4 views

CVE-2022-1611

The Bulk Page Creator WordPress plugin before 1.1.4 does not protect its page creation functionalities with nonce checks, which makes them vulnerable to CSRF...

8.8CVSS6.8AI score0.00609EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:55 p.m.6 views

CVE-2022-2223

The WordPress plugin Image Slider is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1.121 due to failure to properly check for the existence of a nonce in the function ewicduplicateslider. This make it possible for unauthenticated attackers to duplicate existing posts...

5.4CVSS6.5AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2023/12/18 8:15 p.m.4 views

CVE-2023-5886

The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not check nonce tokens early enough in the request lifecycle, allowing attackers with the ability to upload files to make logged in users perform unwanted actions leading t...

8.8CVSS6.1AI score0.0055EPSS
Exploits2References1
Rows per page
Query Builder