Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/08/18 4:31 a.m.18 views

CVE-2025-7686

The weichuncaiWP伪春菜 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the sm-options.php page. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS6.7AI score0.00127EPSS
Exploits0References1
NVD
NVD
added 2025/08/16 4:16 a.m.7 views

CVE-2025-7686

The weichuncaiWP伪春菜 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the sm-options.php page. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS0.00127EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/16 3:38 a.m.4 views

CVE-2025-7686 weichuncai(WP伪春菜) <= 1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The weichuncaiWP伪春菜 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the sm-options.php page. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS6.7AI score0.00127EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/16 3:38 a.m.9 views

CVE-2025-7686 weichuncai(WP伪春菜) <= 1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The weichuncaiWP伪春菜 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the sm-options.php page. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS0.00127EPSS
Exploits0References2
Rows per page
Query Builder