WordPress OnePress theme <= 2.3.15 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Theme OnePress versions = 2.3.15...

EUVD-2022-24897

Malicious code in bioql PyPI...

EUVD-2025-2898

Malicious code in bioql PyPI...

EUVD-2024-36933

Malicious code in bioql PyPI...

EUVD-2024-37587

Malicious code in bioql PyPI...

CVE-2024-37448

Cross-Site Request Forgery CSRF vulnerability in famethemes OnePress onepress allows Cross Site Request Forgery.This issue affects OnePress: from n/a through = 2.3.6...

CVE-2022-1608

The OnePress Social Locker WordPress plugin through 5.6.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2025-22643

Missing Authorization vulnerability in famethemes OnePress onepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnePress: from n/a through = 2.3.11...

CVE-2025-22643

Missing Authorization vulnerability in famethemes OnePress onepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnePress: from n/a through = 2.3.11...

CVE-2025-22643

CVE-2025-22643 affects FameThemes OnePress WordPress theme (versions

CVE-2025-22643 WordPress OnePress theme <= 2.3.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in famethemes OnePress onepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnePress: from n/a through = 2.3.11...

CVE-2025-22643 WordPress OnePress theme <= 2.3.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in famethemes OnePress onepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnePress: from n/a through = 2.3.11...

WordPress plugin OnePress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2025-4610 · Famethemes · Famethemes Onepress

Name of the Vulnerable Software and Affected Versions: FameThemes OnePress versions prior to 2.3.11 Description: The issue is related to a lack of authorization in FameThemes OnePress, which allows the exploitation of incorrectly configured access control security levels. Recommendations: For...

WordPress OnePress theme <= 2.3.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Fariq Fadillah Gusti Insani Patchstack Alliance in WordPress Theme OnePress versions = 2.3.11...

CVE-2024-37448

Cross-Site Request Forgery CSRF vulnerability in famethemes OnePress onepress allows Cross Site Request Forgery.This issue affects OnePress: from n/a through = 2.3.6...

CVE-2024-37448 WordPress OnePress theme <= 2.3.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in famethemes OnePress onepress allows Cross Site Request Forgery.This issue affects OnePress: from n/a through = 2.3.6...

CVE-2024-37448 WordPress OnePress theme <= 2.3.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in famethemes OnePress onepress allows Cross Site Request Forgery.This issue affects OnePress: from n/a through = 2.3.6...

CVE-2024-37448

CVE-2024-37448 describes a Cross-Site Request Forgery in FameThemes OnePress WordPress theme (affecting version up to 2.3.6). Exploitation would enable unauthorized actions performed by CSRF on behalf of a logged-in user, per Red Hat and Wordfence entries referencing OnePress

PT-2025-2485 · Famethemes · Onepress

Name of the Vulnerable Software and Affected Versions: FameThemes OnePress versions prior to 2.3.7 Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed on behalf of a user. Recommendations: For versions prior to 2.3.7, update to...