CVE-2025-13223

creationtimestamp| type| source ---|---|--- 2025-11-17 23:20:14+00:00| seen| https://bsky.app/profile/baldanders.info/post/3m5uefi3p7k2y 2025-11-17 23:30:35+00:00| seen| https://bsky.app/profile/spiegel.goark.fedicity.net.ap.brid.gy/post/3m5uesnjmb4p2 2025-11-17 23:50:01+00:00| seen|...

CVE-2025-64262

Cross-Site Request Forgery CSRF vulnerability in ramon fincken Auto Prune Posts auto-prune-posts allows Cross Site Request Forgery.This issue affects Auto Prune Posts: from n/a through = 3.0.0...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade...

CVE-2025-55073 MS Teams plugin OAuth allows editing arbitrary posts

Mattermost versions 10.11.x = 10.11.3, 10.5.x = 10.5.11, 10.12.x = 10.12.0 fail to validate the relationship between the post being updated and the MSTeams plugin OAuth flow which allows an attacker to edit arbitrary posts via a crafted MSTeams plugin OAuth redirect URL...

CVE-2025-13131

creationtimestamp| type| source ---|---|--- 2025-11-13 22:31:02+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5k7r6vwkso2 2025-11-13 22:56:22+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5kb5m5gr5w2 2025-11-14...

CVE-2025-36250

creationtimestamp| type| source ---|---|--- 2025-11-13 22:22:12+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115544721445633757 2025-11-13 22:30:51+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5k7qnx74722 2025-11-13 22:56:55+00:00| seen|...

EUVD-2025-163783

Cross-Site Request Forgery CSRF vulnerability in ramon fincken Auto Prune Posts auto-prune-posts allows Cross Site Request Forgery.This issue affects Auto Prune Posts: from n/a through = 3.0.0...

CVE-2025-64262

Cross-Site Request Forgery CSRF vulnerability in ramon fincken Auto Prune Posts auto-prune-posts allows Cross Site Request Forgery.This issue affects Auto Prune Posts: from n/a through = 3.0.0...

CVE-2025-64262

CVE-2025-64262 is a CSRF vulnerability in the WordPress plugin Auto Prune Posts (versions

CVE-2025-64262 WordPress Auto Prune Posts plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ramon fincken Auto Prune Posts auto-prune-posts allows Cross Site Request Forgery.This issue affects Auto Prune Posts: from n/a through = 3.0.0...

CVE-2025-64262 WordPress Auto Prune Posts plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ramon fincken Auto Prune Posts auto-prune-posts allows Cross Site Request Forgery.This issue affects Auto Prune Posts: from n/a through = 3.0.0...

CVE-2025-11923

creationtimestamp| type| source ---|---|--- 2025-11-13 04:26:00+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5id5eznwkt2 2025-11-13 05:53:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5ii2g36py2k 2025-11-13 07:40:13+00:00| seen|...

PT-2025-46798

Cross-Site Request Forgery CSRF vulnerability in ramon fincken Auto Prune Posts auto-prune-posts allows Cross Site Request Forgery.This issue affects Auto Prune Posts: from n/a through = 3.0.0...

WordPress plugin Auto Prune Posts 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2025-64500

creationtimestamp| type| source ---|---|--- 2025-11-12 12:42:38+00:00| seen| https://bsky.app/profile/symfony.com/post/3m5gogrgryw26 2025-11-12 12:44:41+00:00| seen| https://bsky.app/profile/symfony.com/post/3m5gokg2mtg2l 2025-11-13 00:25:40+00:00| seen|...

CVE-2025-11828

The Magazine Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'headerHtmlTag' attribute in the bnm-blocks/featured-posts-1 block in all versions up to, and including, 1.2.3. This is due to insufficient input sanitization and output escaping when using...

CVE-2025-11863

The My Geo Posts Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mygeocity' shortcode in all versions up to, and including, 1.2. This is due to the plugin not properly sanitizing user input or escaping output of the 'default' shortcode attribute. This makes it...

CVE-2025-59499

creationtimestamp| type| source ---|---|--- 2025-11-11 17:30:42+00:00| seen| https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review 2025-11-11 20:25:55+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5extb6maxi2 2025-11-11...

CVE-2025-7429

creationtimestamp| type| source ---|---|--- 2025-11-11 09:46:37+00:00| seen| https://gist.github.com/Darkcrai86/b3af27c92f36f5ea26fb50b2dfc12c18 2025-11-11 09:48:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5dubcgo5n2u 2025-11-11 09:51:23+00:00| seen|...