CVE-2026-22483 WordPress teachPress plugin <= 9.0.12 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in winkm89 teachPress teachpress allows Cross Site Request Forgery.This issue affects teachPress: from n/a through = 9.0.12...

CVE-2026-22483

CVE-2026-22483 is a CSRF vulnerability in the WordPress plugin teachPress (winkm89) affecting teachPress versions up to 9.0.12. According to the CVE record, the issue is a Cross-Site Request Forgery, with CVSS v3.1 metrics indicating a base score of 5.4 (Medium) and an attack vector of NETWORK, r...

CVE-2026-22483 WordPress teachPress plugin <= 9.0.12 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in winkm89 teachPress teachpress allows Cross Site Request Forgery.This issue affects teachPress: from n/a through = 9.0.12...

CVE-2026-22353 WordPress teachPress plugin <= 9.0.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in winkm89 teachPress teachpress allows Stored XSS.This issue affects teachPress: from n/a through = 9.0.12...

WordPress teachPress plugin <= 9.0.12 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin teachPress versions = 9.0.12...

WordPress teachPress plugin <= 9.0.12 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin teachPress versions = 9.0.12...

EUVD-2023-26833

Malicious code in bioql PyPI...

EUVD-2023-40450

Malicious code in bioql PyPI...

EUVD-2025-8075

Malicious code in bioql PyPI...

CVE-2023-22704

Reflected Cross-Site Scripting XSS vulnerability in Michael Winkler teachPress plugin = 8.1.8 versions...

WordPress teachPress plugin <= 9.0.11 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin teachPress versions = 9.0.11...

WordPress plugin teachPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

CVE-2025-1320

The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9. This is due to missing or incorrect nonce validation on the import.php page. This makes it possible for unauthenticated attackers to delete imports via a forged request...

CVE-2025-1320

The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9. This is due to missing or incorrect nonce validation on the import.php page. This makes it possible for unauthenticated attackers to delete imports via a forged request...

CVE-2025-1320

The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9. This is due to missing or incorrect nonce validation on the import.php page. This makes it possible for unauthenticated attackers to delete imports via a forged request...

CVE-2025-1320 teachPress <= 9.0.9 - Cross-Site Request Forgery to Import Delete

The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.9. This is due to missing or incorrect nonce validation on the import.php page. This makes it possible for unauthenticated attackers to delete imports via a forged request...

CVE-2025-1320

CVE-2025-1320: teachPress WordPress plugin vulnerable to Cross-Site Forgery on Import Delete (import.php) due to missing nonce validation. Affected versions up to 9.0.9; unpatched as per sources. Attack requires user interaction via a forged request, enabling unauthenticated actors to delete impo...

WordPress plugin teachPress 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress teachPress plugin <= 9.0.9 - Cross-Site Request Forgery to Import Delete vulnerability

Cross-Site Request Forgery to Import Delete vulnerability discovered by Krzysztof Zając in WordPress Plugin teachPress versions = 9.0.9...

CVE-2025-1321

The teachPress plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tpsearch' shortcode in all versions up to, and including, 9.0.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...