27 matches found
CVE-2026-9723
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
CVE-2026-9723
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
CVE-2026-9723 Google Plus One Bottom <= 0.0.2 - Cross-Site Request Forgery to Plugin Settings Update via Settings Page
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
CVE-2026-9723
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
CVE-2026-9723 Google Plus One Bottom <= 0.0.2 - Cross-Site Request Forgery to Plugin Settings Update via Settings Page
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
CVE-2026-9723
CVE-2026-9723 affects the WordPress plugin Google Plus One Bottom (versions
EUVD-2026-33890
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
WordPress plugin Google Plus One Bottom 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress Google Plus One Bottom plugin <= 0.0.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability
Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by swat in WordPress Plugin Google Plus One Bottom versions = 0.0.2...
AZL-72661 CVE-2025-68308 affecting package kernel for versions less than 6.6.119.3-1
In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback functions contain logic to zero-length commands. These commands are used to align data to the USB...
EUVD-2025-12392
Malicious code in bioql PyPI...
PT-2025-33804
Content removed...
Kintsugi: Decentralized E2EE Key Recovery
Kintsugi is a protocol for key recovery, allowing a user to regain access to end-to-end encrypted data after they have lost their device, but still have their potentially low-entropy password. Existing E2EE key recovery methods, such as those deployed by Signal and WhatsApp, centralize trust by...
CVE-2025-3866
The Add Google +1 Plus one social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated...
CVE-2025-3866 Add Google +1 (Plus one) social share Button <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Add Google +1 Plus one social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated...
CVE-2025-3866
CVE-2025-3866 affects the WordPress plugin Add Google +1 (Plus One) social share Button, version
CVE-2025-3866 Add Google +1 (Plus one) social share Button <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Add Google +1 Plus one social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated...
PT-2025-17888 · WordPress · Add Google +1 (Plus One) Social Share Button
Name of the Vulnerable Software and Affected Versions: Add Google +1 Plus one social share Button plugin for WordPress version 1.0.0 and earlier Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the google-plus-one-share-button page...
WordPress plugin Add Google +1 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Add Google...
WordPress Add Google +1 (Plus one) social share Button plugin <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Add Google +1 Plus one social share Button versions = 1.0.0...