22 matches found
CVE-2025-62120
Cross-Site Request Forgery (CSRF) vulnerability in Rick Beckman OpenHook thesis-openhook allows Cross Site Request Forgery. This issue affects OpenHook: from n/a through <= 4.3.1...
CVE-2025-62120
Cross-Site Request Forgery (CSRF) vulnerability in Rick Beckman OpenHook thesis-openhook allows Cross Site Request Forgery. This issue affects OpenHook: from n/a through <= 4.3.1...
CVE-2025-62120
CVE-2025-62120 documents a Cross-Site Request Forgery (CSRF) vulnerability in the OpenHook thesis-openhook component, affecting OpenHook versions up to and including 4.3.1. The description specifies CSRF as the issue and lists the affected product as OpenHook, but the Connected Documents do not p...
EUVD-2025-205954
Cross-Site Request Forgery (CSRF) vulnerability in Rick Beckman OpenHook allows Cross Site Request Forgery. This issue affects OpenHook: from n/a through 4.3.1...
CVE-2025-62120 WordPress OpenHook plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Rick Beckman OpenHook thesis-openhook allows Cross Site Request Forgery. This issue affects OpenHook: from n/a through <= 4.3.1...
CVE-2025-62120 WordPress OpenHook plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Rick Beckman OpenHook allows Cross Site Request Forgery. This issue affects OpenHook: from n/a through 4.3.1...
WordPress OpenHook plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Nabil Irawan in WordPress Plugin OpenHook versions <= 4.3.1...
PT-2025-54336
Name of the Vulnerable Software and Affected Versions: OpenHook versions through 4.3.1. Description: A Cross-Site Request Forgery (CSRF) issue exists in OpenHook, potentially allowing attackers to perform actions on behalf of authenticated users. This occurs due to insufficient protection against forg...
WordPress plugin OpenHook cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site...
EUVD-2023-57532
Malicious code in bioql PyPI...
CVE-2023-5201
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...
OpenHook < 4.3.1 - Subscriber+ Remote Code Execution
Description: The plugin does not prevent low-privileged users like subscribers from using its 'php' shortcode feature, leading to potential Remote Code Execution...
CVE-2023-5201
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...
CVE-2023-5201
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...
Remote code execution
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...
CVE-2023-5201 OpenHook <= 4.3.0 - Authenticated (Subscriber+) Remote Code Execution via Shortcode
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...
CVE-2023-5201
OpenHook (WordPress plugin) is vulnerable to Remote Code Execution up to and including version 4.3.0 via the php shortcode. Exploitation requires the php shortcode setting to be enabled and an attacker with subscriber privileges or higher. The vulnerability is documented as CVE-2023-5201. Patch s...
CVE-2023-5201 OpenHook <= 4.3.0 - Authenticated (Subscriber+) Remote Code Execution via Shortcode
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...
WordPress plugin OpenHook code injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code injection...
WordPress OpenHook Plugin <= 4.3.0 is vulnerable to Remote Code Execution (RCE)
Software: OpenHook; Type: Plugin; Vulnerable versions: <= 4.3.0; Fixed in: 4.3.1; OWASP Top 10: A1: Injection; Classification: Remote Code Execution (RCE); CVE: CVE-2023-5201; Patch priority: High; CVSS severity: High (9.9); PSID: 278dfa1831ef; Credits: István Márton; Required privilege: Subscriber...