64 matches found
EUVD-2025-26080
Malicious code in bioql PyPI...
EUVD-2024-52102
Malicious code in bioql PyPI...
CVE-2025-7955
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentraladminlogin2faverify function in versions 1.5 to 1.6.8. This makes it possible for unauthenticated attackers to log in as any user simply by supplying identic...
CVE-2025-7955
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentraladminlogin2faverify function in versions 1.5 to 1.6.8. This makes it possible for unauthenticated attackers to log in as any user simply by supplying identic...
CVE-2025-7955 RingCentral Communications 1.5 - 1.6.8 - Missing Server‑Side Verification to Authentication Bypass via ringcentral_admin_login_2fa_verify Function
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentraladminlogin2faverify function in versions 1.5 to 1.6.8. This makes it possible for unauthenticated attackers to log in as any user simply by supplying identic...
CVE-2025-7955 RingCentral Communications 1.5 - 1.6.8 - Missing Server‑Side Verification to Authentication Bypass via ringcentral_admin_login_2fa_verify Function
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentraladminlogin2faverify function in versions 1.5 to 1.6.8. This makes it possible for unauthenticated attackers to log in as any user simply by supplying identic...
CVE-2025-7955
CVE-2025-7955 affects the RingCentral Communications WordPress plugin (versions 1.5–1.6.8). The flaw is in ringcentral_admin_login_2fa_verify() and enables authentication bypass, allowing unauthenticated login as any user with bogus 2FA codes. CVSS 3.1 base score 9.8 (CRITICAL). Remediation: upgr...
WordPress RingCentral Communications plugin 1.5-1.6.8 - Missing Server‑Side Verification to Authentication Bypass via ringcentral_admin_login_2fa_verify Function
Missing Server‑Side Verification to Authentication Bypass via ringcentraladminlogin2faverify Function vulnerability discovered by kr0d in WordPress Plugin RingCentral Communications versions 1.5-1.6.8...
WordPress plugin RingCentral Communications 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An authorization issue...
WordPress RingCentral Communications 1.6.8 Authentication Bypass
WordPress RingCentral Communications plugin versions 1.5 through 1.6.8 have a missing server-side verification that allows for authentication bypass...
PT-2025-34967
Name of the Vulnerable Software and Affected Versions: RingCentral Communications plugin for WordPress versions 1.5 through 1.6.8 Description: The RingCentral Communications plugin for WordPress is susceptible to authentication bypass due to insufficient validation within the ringcentral admin...
Malicious code in ringcentral-web-modules (npm)
The package ringcentral-web-modules was found to contain malicious code...
MAL-2025-32241 Malicious code in ringcentral-web-modules (npm)
The package ringcentral-web-modules was found to contain malicious code...
Malicious code in ringcentral-google-drive-notification-add-in (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis afbe2fb4071ec030a6a51319f5f0b9d45664bf8caba681cfac58bb60bd001cf0 The OpenSSF Package Analysis project identified 'ringcentral-google-drive-notification-add-in' @ 2.2.2 npm as malicious. It is considered...
MAL-2025-5849 Malicious code in ringcentral-google-drive-notification-add-in (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis afbe2fb4071ec030a6a51319f5f0b9d45664bf8caba681cfac58bb60bd001cf0 The OpenSSF Package Analysis project identified 'ringcentral-google-drive-notification-add-in' @ 2.2.2 npm as malicious. It is considered...
Malicious code in ringcentral-web-phone-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5d0cdb47587dfa64b594d26d1b33dea3d9cb70b7f8a581fa66d1f005df4ee60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1661 Malicious code in ringcentral-web-phone-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5d0cdb47587dfa64b594d26d1b33dea3d9cb70b7f8a581fa66d1f005df4ee60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-53770
Cross-Site Request Forgery CSRF vulnerability in pbmacintyre RingCentral Communications rccp-free allows Stored XSS.This issue affects RingCentral Communications: from n/a through = 1.7.0...
CVE-2024-53770
Cross-Site Request Forgery CSRF vulnerability in pbmacintyre RingCentral Communications rccp-free allows Stored XSS.This issue affects RingCentral Communications: from n/a through = 1.7.0...
CVE-2024-53770 WordPress RingCentral Communications plugin <= 1.6.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Peter MacIntyre RingCentral Communications allows Stored XSS.This issue affects RingCentral Communications: from n/a through 1.6.1...