26 matches found

RedhatCVE
added 2026/03/11 7:9 a.m., 2 views

CVE-2025-70129

If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...

CVSS 5.3 | AI score 5.8 | EPSS 0.00286
Exploits: 1 | References: 1
NVD
added 2026/03/10 8:16 p.m., 2 views

CVE-2025-70129

If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...

CVSS 5.3 | EPSS 0.00286
Exploits: 1 | References: 2
OSV
added 2026/03/10 8:16 p.m., 4 views

UBUNTU-CVE-2025-70129

If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...

CVSS 5.3 | AI score 5.8 | EPSS 0.00286
Exploits: 1 | References: 2
Vulnrichment
added 2026/03/10 12:0 a.m., 2 views

CVE-2025-70129

If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...

AI score 5.8 | EPSS 0.00286
Exploits: 1 | References: 2
CVE
added 2026/03/10 12:0 a.m., 6 views

CVE-2025-70129

PluXml, versions 5.8.22 and earlier, is affected by CVE-2025-70129 due to an anti-spam CAPTCHA implementation that can be automatically recognized. The captcha challenge format exposes details within article bodies (capcha-letter, capcha-word, capcha-token), enabling automated scripts to construc...

CVSS 5.3 | AI score 5.8 | EPSS 0.00286
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2026/03/10 12:0 a.m., 26 views

CVE-2025-70129

If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. T...

EPSS 0.00286
Exploits: 1 | References: 2
Positive Technologies
added 2026/03/10 12:0 a.m., 2 views

PT-2026-24368

Name of the Vulnerable Software and Affected Versions: PluXml versions 5.8.22 and earlier. Description: When the anti-spam captcha functionality is enabled, PluXml generates captcha challenges in a format that can be automatically recognized. This allows automated scripts to bypass the anti-spam...

CVSS 5.3 | AI score 5.8 | EPSS 0.00286
Exploits: 1 | References: 5
CNNVD
added 2026/03/10 12:0 a.m., 4 views

PluXml Security Vulnerability

PluXml is an open-source, free content management system developed by PluXml. It works without the need for a database. PluXml versions 5.8.22 and earlier have security vulnerabilities. These vulnerabilities stem from the exposure of details related to the anti-spam CAPTCHA function. This could...

CVSS 5.3 | AI score 5.8 | EPSS 0.00286
Exploits: 1 | References: 3
Vulnrichment
added 2026/02/14 3:25 a.m., 4 views

CVE-2025-13973 StickEasy Protected Contact Form <= 1.0.1 - Unauthenticated Information Disclosure

The StickEasy Protected Contact Form plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 1.0.2. The plugin stores spam detection logs at a predictable publicly accessible location...

CVSS 5.3 | AI score 5.5 | EPSS 0.00255
Exploits: 0 | References: 5
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-24949

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00525
Exploits: 2 | References: 1
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-11865

Malicious code in bioql PyPI...

CVSS 7.3 | AI score 6.5 | EPSS 0.00383
Exploits: 1 | References: 3
RedhatCVE
added 2025/05/22 11:31 p.m., 3 views

CVE-2022-1663

The Stop Spam Comments WordPress plugin through 0.2.1.2 does not properly generate the Javascript access token for preventing abuse of comment section, allowing threat authors to easily collect the value and add it to the request...

CVSS 6.5 | AI score 6.8 | EPSS 0.00525
Exploits: 2 | References: 1
RedhatCVE
added 2025/04/25 6:28 p.m., 15 views

CVE-2025-30357

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator...

CVSS 7.3 | AI score 6.8 | EPSS 0.00383
Exploits: 1 | References: 1
Cvelist
added 2025/04/18 3:51 p.m., 10 views

CVE-2025-30357 NamelessMC Forum Topic Deletion Triggered by Unrelated User Deletion

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator...

CVSS 7.3 | EPSS 0.00383
Exploits: 1 | References: 3
CVE
added 2025/04/18 3:51 p.m., 79 views

CVE-2025-30357

CVE-2025-30357 affects NamelessMC forum software. In versions ≤ 2.1.4, a malicious user posting spam across topics could trigger deletion of that user by an admin, which would cause all that user’s posts (and in turn related topics by unrelated users) to be marked as deleted. The issue has been p...

CVSS 7.3 | AI score 7.2 | EPSS 0.00383
Exploits: 1 | References: 3 | Affected Software: 1
Vulnrichment
added 2025/04/18 3:51 p.m., 8 views

CVE-2025-30357 NamelessMC Forum Topic Deletion Triggered by Unrelated User Deletion

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator...

CVSS 7.3 | AI score 7.2 | EPSS 0.00383
Exploits: 1 | References: 3
OSV
added 2025/04/18 3:51 p.m., 7 views

CVE-2025-30357 NamelessMC Forum Topic Deletion Triggered by Unrelated User Deletion

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator...

CVSS 7.3 | AI score 6.7 | EPSS 0.00383
Exploits: 1 | References: 5
Positive Technologies
added 2025/04/18 12:0 a.m., 3 views

PT-2025-17310 · Unknown · Namelessmc

Name of the Vulnerable Software and Affected Versions: NamelessMC versions 2.1.4 and prior Description: The issue arises when a malicious user leaves spam comments on many topics. If an administrator deletes the malicious user's account, all their posts along with the associated topics by unrelat...

CVSS 7.3 | AI score 6.3 | EPSS 0.00383
Exploits: 1 | References: 10
ATTACKERKB
added 2022/08/29 6:15 p.m., 3 views

CVE-2022-1663

The Stop Spam Comments WordPress plugin through 0.2.1.2 does not properly generate the Javascript access token for preventing abuse of comment section, allowing threat authors to easily collect the value and add it to the request...

CVSS 6.5 | AI score 6.6 | EPSS 0.00525
Exploits: 2 | References: 2
OSV
added 2022/08/29 6:15 p.m., 3 views

CVE-2022-1663

The Stop Spam Comments WordPress plugin through 0.2.1.2 does not properly generate the Javascript access token for preventing abuse of comment section, allowing threat authors to easily collect the value and add it to the request...

CVSS 6.5 | AI score 5.8 | EPSS 0.00525
Exploits: 2 | References: 1