27 matches found
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code VS Code extension to pass the vetting process and go live in the registry. "The pipeline had a single boolea...
Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio Code VS Code extensions are published to the open-source repository to combat supply chain threats. The move marks a shift from a reactive to a proactive...
EUVD-2023-48510
Malicious code in bioql PyPI...
EUVD-2025-28515
Malicious code in bioql PyPI...
CVE-2025-53323
Missing Authorization vulnerability in danbriapps Pre-Publish Post Checklist pre-publish-post-checklist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pre-Publish Post Checklist: from n/a through = 3.1...
CVE-2025-53323
Missing Authorization vulnerability in danbriapps Pre-Publish Post Checklist pre-publish-post-checklist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pre-Publish Post Checklist: from n/a through = 3.1...
CVE-2025-53323
CVE-2025-53323: WordPress Pre-Publish Post Checklist
CVE-2025-53323 WordPress Pre-Publish Post Checklist plugin <= 3.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in danbriapps Pre-Publish Post Checklist pre-publish-post-checklist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pre-Publish Post Checklist: from n/a through = 3.1...
WordPress plugin Pre-Publish Post Checklist 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2022-1758
The Genki Pre-Publish Reminder WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS as well as RCE when custom code is added via the plugin settings...
CVE-2023-44151
Missing Authorization vulnerability in Brainstorm Force Pre-Publish Checklist.This issue affects Pre-Publish Checklist: from n/a through 1.1.1...
CVE-2023-44151
Missing Authorization vulnerability in Brainstorm Force Pre-Publish Checklist.This issue affects Pre-Publish Checklist: from n/a through 1.1.1...
CVE-2023-44151 WordPress Pre-Publish Checklist plugin <= 1.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brainstorm Force Pre-Publish Checklist.This issue affects Pre-Publish Checklist: from n/a through 1.1.1...
CVE-2023-44151 WordPress Pre-Publish Checklist plugin <= 1.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brainstorm Force Pre-Publish Checklist.This issue affects Pre-Publish Checklist: from n/a through 1.1.1...
PT-2024-13178 · Brainstorm Force · Pre-Publish Checklist
Name of the Vulnerable Software and Affected Versions: Pre-Publish Checklist versions 1.1.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Brainstorm Force Pre-Publish Checklist. Recommendations: For versions 1.1.1 and earlier, update to a version th...
WordPress plugin Pre-Publish Checklist security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Pre-Publish Checklist < 1.1.2 - Insecure Direct Object Reference to Arbitrary Post '_ppc_meta_key' Update
Description The Pre-Publish Checklist plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.1.1 via the ppcmetaboxajaxaddhandler and ppcmetaboxajaxdeletehandler functions due to missing validation on a user controlled key. This can allow...
WordPress Pre-Publish Checklist Plugin <= 1.1.1 is vulnerable to Broken Access Control
Software Pre-Publish Checklist Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-44151 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 94f8d9a5952c Credits Rafie Muhammad Patchsta...
WordPress Genki Pre-Publish Reminder plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2022-1758
The Genki Pre-Publish Reminder WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS as well as RCE when custom code is added via the plugin settings...