34 matches found
CVE-2026-0572
The WebPurify Profanity Filter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webpurifysaveoptions' function in all versions up to, and including, 4.0.2. This makes it possible for unauthenticated attackers to change plugin settin...
WordPress WebPurify Profanity Filter plugin <= 4.0.2 - Missing Authorization to Unauthenticated Plugin Settings Change via webpurify_save_options vulnerability
Missing Authorization to Unauthenticated Plugin Settings Change via webpurifysaveoptions vulnerability discovered by 0x34rth in WordPress Plugin WebPurify Profanity Filter versions = 4.0.2...
CVE-2026-0572
The WebPurify Profanity Filter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webpurifysaveoptions' function in all versions up to, and including, 4.0.2. This makes it possible for unauthenticated attackers to change plugin settin...
EUVD-2026-5413
The WebPurify Profanity Filter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'webpurifysaveoptions' function in all versions up to, and including, 4.0.2. This makes it possible for unauthenticated attackers to change plugin settin...
WordPress plugin WebPurify Profanity Filter 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-6011
Name of the Vulnerable Software and Affected Versions WebPurify Profanity Filter versions up to and including 4.0.2 Description The WebPurify Profanity Filter plugin for WordPress has a flaw that allows unauthorized modification of data. This is due to a missing capability check on the webpurify...
Malicious code in google-profanity-words (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-47675 Malicious code in google-profanity-words (npm)
--- -= Per source details. Do not edit below this line.=-...
Linux Distros Unpatched Vulnerability : CVE-2017-5592
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the...
CVE-2022-40769
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022...
Nintendo: [Xenoblade Chronicles X: Definitive Edition] Improper validation of names allows injecting formatting tags and bypassing profanity filter
The vulnerability in Xenoblade Chronicles X: Definitive Edition allowed improper validation of names, enabling the injection of formatting tags and bypassing the profanity filter...
SUSE CVE-2017-5592
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for profanity 0.4.7 - 0.5.0...
Crypto Market Maker Wintermute Hacked, $160 Million Stolen
By Deeba Ahmed According to Certik blockchain cybersecurity firm, a vulnerable private key generated by the Profanity vanity address generator is responsible for this attack. This is a post from HackRead.com Read the original post: Crypto Market Maker Wintermute Hacked, $160 Million Stolen...
Crypto Trading Firm Wintermute Loses $160 Million in Hacking Incident
In what's the latest crypto heist to target the decentralized finance DeFi space, hackers have stolen digital assets worth around $160 million from crypto trading firm Wintermute. The hack involved a series of unauthorized transactions that transferred USD Coin, Binance USD, Tether USD, Wrapped...
CVE-2022-40769
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022...
CVE-2022-40769
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022...
CVE-2022-40769
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022...
CVE-2022-40769
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022...
CVE-2022-40769
CVE-2022-40769 affects profanity up to version 1.60. The root cause is only four billion possible RNG initializations, enabling attackers to recover private keys from Ethereum vanity addresses and steal cryptocurrency. The vuln has been exploited in the wild (June 2022). Affected component: profa...
PT-2022-25527
Name of the Vulnerable Software and Affected Versions profanity versions 1.60 and earlier Description The issue allows attackers to recover private keys from Ethereum vanity addresses and steal cryptocurrency due to only four billion possible RNG initializations. This has been exploited in the...