6191 matches found
CVE-2025-66471
creationtimestamp| type| source ---|---|--- 2025-12-05 17:54:47+00:00| seen| https://seclists.org/oss-sec/2025/q4/250 2025-12-05 19:12:43+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m7b6xhddwo2s 2025-12-05 19:13:24+00:00| seen|...
CVE-2025-55183
creationtimestamp| type| source ---|---|--- 2025-12-05 13:54:28+00:00| seen| https://vulnerability.circl.lu/bundle/6739b288-995a-4f1a-9f03-5d1ced3a8fbd 2025-12-11 20:51:04+00:00| seen| https://bsky.app/profile/react.dev/post/3m7qhaqdtxc2v 2025-12-11 20:51:05+00:00| seen|...
CVE-2025-55184
creationtimestamp| type| source ---|---|--- 2025-12-05 13:54:28+00:00| seen| https://vulnerability.circl.lu/bundle/6739b288-995a-4f1a-9f03-5d1ced3a8fbd 2025-12-11 20:51:04+00:00| seen| https://bsky.app/profile/react.dev/post/3m7qhaqdxuc2v 2025-12-11 20:51:04+00:00| seen|...
CVE-2025-13684
The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2.19. This is due to missing or incorrect nonce validation on the arkrpoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin's configuration settings via a...
CVE-2025-12782
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
CVE-2025-13684
CVE-2025-13684 concerns the ARK Related Posts WordPress plugin (version
EUVD-2025-201393
The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2.19. This is due to missing or incorrect nonce validation on the arkrpoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin's configuration settings via a...
CVE-2025-13684 ARK Related Posts <= 2.19 - Cross-Site Request Forgery to Settings Update
The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2.19. This is due to missing or incorrect nonce validation on the arkrpoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin's configuration settings via a...
CVE-2025-13684 ARK Related Posts <= 2.19 - Cross-Site Request Forgery to Settings Update
The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2.19. This is due to missing or incorrect nonce validation on the arkrpoptionspage function. This makes it possible for unauthenticated attackers to modify the plugin's configuration settings via a...
WordPress plugin ARK Related Posts 跨站请求伪造漏洞
...
PT-2025-49232
The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2.19. This is due to missing or incorrect nonce validation on the ark rp options page function. This makes it possible for unauthenticated attackers to modify the plugin's configuration settings via ...
WordPress ARK Related Posts plugin <= 2.19 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin ARK Related Posts versions = 2.19...
CVE-2025-12196
creationtimestamp| type| source ---|---|--- 2025-12-04 22:08:05+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115663574444372667 2025-12-04 22:45:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m772fe6d7u2q...
CVE-2025-13940
creationtimestamp| type| source ---|---|--- 2025-12-04 22:08:05+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115663574444372667 2025-12-04 22:54:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m772vy6s3i2k...
CVE-2025-12782
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
CVE-2025-12782
Beaver Builder – WordPress Page Builder (Beaver Builder Lite) is affected by CVE-2025-12782 due to an authorization bypass in the disable() path that fails to properly verify user permissions. The issue affects all versions up to 2.9.4, enabling authenticated users with at least Contributor acces...
CVE-2025-12782 Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Builder Status Tampering
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
CVE-2025-12782 Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Builder Status Tampering
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
PT-2025-49006
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
CVE-2025-66293
creationtimestamp| type| source ---|---|--- 2025-12-03 20:00:03+00:00| seen| https://seclists.org/oss-sec/2025/q4/233 2025-12-03 20:11:40+00:00| seen| https://seclists.org/oss-sec/2025/q4/234 2025-12-03 20:37:25+00:00| seen| https://seclists.org/oss-sec/2025/q4/235 2025-12-03 21:35:09+00:00| seen...