5 matches found
EUVD-2025-28834
Malicious code in bioql PyPI...
CVE-2025-9331
The Spacious theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'welcomenoticeimporthandler' function in all versions up to, and including, 1.9.11. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2025-9331 Spacious <= 1.9.11 - Missing Authorization to Autheticated (Subscriber+) Demo Data Import
The Spacious theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'welcomenoticeimporthandler' function in all versions up to, and including, 1.9.11. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2025-9331 Spacious <= 1.9.11 - Missing Authorization to Autheticated (Subscriber+) Demo Data Import
The Spacious theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'welcomenoticeimporthandler' function in all versions up to, and including, 1.9.11. This makes it possible for authenticated attackers, with Subscriber-level access and...
WordPress Spacious Theme <= 1.9.11 is vulnerable to Broken Access Control
Software Spacious Type Theme Vulnerable versions = 1.9.11 Fixed in 1.9.12 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2025-9331 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bca30fd3c674 Credits Dmitrii Ignatyev Required privilege...