EUVD-2025-35821

The Disable Content Editor For Specific Template plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0. This is due to missing nonce validation on template configuration updates. This makes it possible for unauthenticated attackers to add or...

CVE-2025-12072

CVE-2025-12072 concerns the WordPress plugin Disable Content Editor For Specific Template (≤ 2.0). Root cause is missing nonce validation on template configuration updates, enabling CSRF. Impact: unauthenticated attackers can induce administrators to add or delete template configurations via forg...

PT-2025-43601

Name of the Vulnerable Software and Affected Versions Disable Content Editor For Specific Template plugin for WordPress versions prior to 2.1 Description The Disable Content Editor For Specific Template plugin for WordPress is susceptible to a Cross-Site Request Forgery CSRF issue. This is caused...

WordPress Disable Content Editor For Specific Template plugin <= 2.0 - Cross-Site Request Forgery to Template Configuration Update vulnerability

Cross-Site Request Forgery to Template Configuration Update vulnerability discovered by Nabil Irawan in WordPress Plugin Disable Content Editor For Specific Template versions = 2.0...

[Full-Disclosure] Novell GroupWise WebAccess error modules loading

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear ladies and gentlemen We have found a potential security vulnerability in the Novell GroupWise WebAccess error module handling. First of all it is possible to circumvent the login procedure. If a user connects to...