CVE-2026-57649

Subscriber Broken Access Control in Shoppable Images Lite = 1.3 versions...

EUVD-2026-39764

Subscriber Broken Access Control in Shoppable Images Lite = 1.3 versions...

CVE-2026-57649 WordPress Shoppable Images Lite plugin <= 1.3 - Broken Access Control vulnerability

Subscriber Broken Access Control in Shoppable Images Lite = 1.3 versions...

CVE-2026-57649

The CVE concerns the WordPress Shoppable Images Lite plugin (versions

WordPress Shoppable Images Lite plugin <= 1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Shoppable Images Lite versions = 1.3...

CVE-2023-25698

Cross-Site Request Forgery CSRF vulnerability in Studio Wombat Shoppable Images plugin = 1.2.3 versions...

EUVD-2023-29608

Malicious code in bioql PyPI...

CVE-2023-25698

Cross-Site Request Forgery CSRF vulnerability in Studio Wombat Shoppable Images plugin = 1.2.3 versions...

CVE-2023-25698

Cross-Site Request Forgery CSRF vulnerability in Studio Wombat Shoppable Images plugin = 1.2.3 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Studio Wombat Shoppable Images plugin = 1.2.3 versions...

CVE-2023-25698

CVE-2023-25698: CSRF in WordPress Shoppable Images Lite plugin = 1.2.4.

WordPress plugin Shoppable Images 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

Shoppable Images Lite < 1.2.4 - Arbitrary Post Deletion via CSRF

The plugin does not have CSRF checks in some places, for example when deleting/updating images. Furthermore, it does not ensure that the image to be deleted are actually images, which could allow attackers to make logged in admins delete arbitrary posts via a CSRF attack...

WordPress Shoppable Images Lite Plugin <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Shoppable Images Lite Type Plugin Vulnerable versions = 1.2.3 Fixed in 1.2.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25698 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d071aa365d52 Credits Rio Darmawan...

WordPress Shoppable Images Lite plugin <=1.0.0 - Cross-Site Request Forgery (CSRF)/PHP Object Injection Vulnerabilities

WordPress Shoppable Images Lite plugin Cross-Site Request Forgery CSRF/PHP Object Injection Vulnerabilities were found in the showadminnotices function. The value of $GET nonce variable is unserialized, which allows PHP object injection. Solution Update the plugin...