PT-2026-20382

The Brevo - Email, SMS, Web Push, Chat, and more. plugin for WordPress is vulnerable to authorization bypass due to type juggling in all versions up to, and including, 3.3.0. This is due to the use of loose comparison == instead of strict comparison === when validating the installation ID in the...

EUVD-2025-31239

Malicious code in bioql PyPI...

EUVD-2025-8397

Malicious code in bioql PyPI...

EUVD-2025-11295

Malicious code in bioql PyPI...

EUVD-2025-10553

Malicious code in bioql PyPI...

CVE-2025-60166

Missing Authorization vulnerability in wpshuffle WP Subscription Forms PRO wp-subscription-forms-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms PRO: from n/a through = 2.0.5...

WordPress WP Subscription Forms PRO Plugin <= 2.0.5 - Arbitrary Content Deletion Vulnerability

Arbitrary Content Deletion Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Subscription Forms PRO versions = 2.0.5...

CVE-2025-60166

Missing Authorization vulnerability in wpshuffle WP Subscription Forms PRO wp-subscription-forms-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms PRO: from n/a through = 2.0.5...

CVE-2025-60166

Technical details for CVE-2025-60166 are not provided in the supplied documents. The initial description notes a Missing Authorization vulnerability in WP Subscription Forms PRO

CVE-2025-60166 WordPress WP Subscription Forms PRO Plugin <= 2.0.5 - Arbitrary Content Deletion Vulnerability

Missing Authorization vulnerability in wpshuffle WP Subscription Forms PRO wp-subscription-forms-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms PRO: from n/a through = 2.0.5...

CVE-2025-60166 WordPress WP Subscription Forms PRO Plugin <= 2.0.5 - Arbitrary Content Deletion Vulnerability

Missing Authorization vulnerability in wpshuffle WP Subscription Forms PRO wp-subscription-forms-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms PRO: from n/a through = 2.0.5...

PT-2025-39608

Name of the Vulnerable Software and Affected Versions WP Subscription Forms PRO versions through 2.0.5 Description An authorization issue exists in WP Subscription Forms PRO, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update WP Subscription...

WordPress plugin WP Subscription Forms PRO 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2025-9632 PhpList Subber <= 1.1 - Cross-Site Request Forgery

The PhpList Subber plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the bulkactionhandler function. This makes it possible for unauthenticated attackers to trigger bulk synchronizati...

CVE-2025-39591

Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through = 1.2.3...

CVE-2025-39591

Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through = 1.2.3...

CVE-2025-39591 WordPress WP Subscription Forms plugin <= 1.2.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through = 1.2.3...

CVE-2025-39591

CVE-2025-39591 is a Missing Authorization vulnerability in WP Subscription Forms affecting versions up to 1.2.3. CVSS 3.1 base score 5.4 (Medium). The connected sources (RH, NVD, PatchStack, CVE lists) confirm the issue and that a patch exists, but do not specify the exact patched version. Exploi...

CVE-2025-39591 WordPress WP Subscription Forms plugin <= 1.2.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through = 1.2.3...

WordPress plugin WP Subscription Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...