10 matches found
CVE-2026-25568
WeKan versions prior to 8.19 contain an authorization logic vulnerability where the instance configuration setting allowPrivateOnly is not sufficiently enforced at board creation time. When allowPrivateOnly is enabled, users can still create public boards due to incomplete server-side enforcement...
CVE-2026-25568
WeKan versions prior to 8.19 contain an authorization logic vulnerability where the instance configuration setting allowPrivateOnly is not sufficiently enforced at board creation time. When allowPrivateOnly is enabled, users can still create public boards due to incomplete server-side enforcement...
CVE-2026-25568
WeKan versions prior to 8.19 contain an authorization logic vulnerability where the instance configuration setting allowPrivateOnly is not sufficiently enforced at board creation time. When allowPrivateOnly is enabled, users can still create public boards due to incomplete server-side enforcement...
EUVD-2015-5438
Malware in sbrugna...
CVE-2015-5483
Multiple cross-site request forgery CSRF vulnerabilities in the Private Only plugin 3.5.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 add users, 2 delete posts, or 3 modify PHP files via unspecified vectors, or 4 conduct cross-site...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the Private Only plugin 3.5.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 add users, 2 delete posts, or 3 modify PHP files via unspecified vectors, or 4 conduct cross-site...
CVE-2015-5483
Multiple cross-site request forgery CSRF vulnerabilities in the Private Only plugin 3.5.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 add users, 2 delete posts, or 3 modify PHP files via unspecified vectors, or 4 conduct cross-site...
WordPress Private Only plugin has multiple vulnerabilities
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on PHP and MySQL servers.Private Only is one of the private content plugin. The WordPress Private Only plugin suffers from a cross-site scripting a...
WordPress Private Only 3.5.1 CSRF / Cross Site Scripting Vulnerabilities
Exploit for php platform in category web applications Details ================ Software: Private Only Version: 3.5.1 Homepage: http://wordpress.org/plugins/private-only/ Advisory report:...
WordPress Private Only 3.5.1 CSRF / Cross Site Scripting
Details ================ Software: Private Only Version: 3.5.1 Homepage: http://wordpress.org/plugins/private-only/ Advisory report: https://security.dxw.com/advisories/csrfxss-vulnerability-in-private-only-could-allow-an-attacker-to-do-almost-anything-an-admin-user-can/ CVE: CVE-2015-5483 CVSS:...