EUVD-2025-11148

Malicious code in bioql PyPI...

CVE-2024-8860

The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tforderstatusemailresendfunction, tfvisitordetailseditfunction, tfcheckinoutdetailseditfunction, tforderstatuseditfunction, tforderbulkactioneditfunction,...

CVE-2024-8860 Tourfic <= 2.14.5 - Missing Authorization in Multiple Functions

The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tforderstatusemailresendfunction, tfvisitordetailseditfunction, tfcheckinoutdetailseditfunction, tforderstatuseditfunction, tforderbulkactioneditfunction,...

CVE-2025-27565

An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs...

CVE-2024-8319

The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.11.20. This is due to missing or incorrect nonce validation on the tforderstatusemailresendfunction, tfvisitordetailseditfunction, tfcheckinoutdetailseditfunction,...

PT-2022-24988 · Unknown · Matrix-Appservice-Irc

Name of the Vulnerable Software and Affected Versions: matrix-appservice-irc versions up to 0.35.1 Description: A critical issue affects the file src/datastore/postgres/PgDataStore.ts, where the manipulation of the roomIds argument leads to sql injection. Upgrading to version 0.36.0 addresses thi...

matrix-appservice-irc 安全漏洞

matrix-appservice-irc is a bridge for Matrix. This bridge passes all IRC messages to Matrix and all Matrix messages to IRC. A security vulnerability exists in matrix-appservice-irc 0.35.1 and earlier versions, which stems from affected unknown code in the file src/datastore/postgres/PgDataStore.t...