WordPress BEAR - Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin <= 1.1.5 - Cross-Site Request Forgery to Taxonomy Term Deletion vulnerability

WordPress BEAR - Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin = 1.1.5 - Cross-Site Request Forgery to Taxonomy Term Deletion vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin BEAR versions = 1.1.5...

CVE-2026-1673

The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is affected by a Cross-Site Request Forgery in versions up to 1.1.5. The root cause is missing nonce validation in the woobe_delete_tax_term() function, enabling unauthenticated actors to...

CVE-2026-1673

The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the woobedeletetaxterm function. This makes it possible...

WordPress IdeaPush plugin <= 8.71 - Missing Authorization to Board Term Deletion vulnerability

Missing Authorization to Board Term Deletion vulnerability discovered by Lucio Sá in WordPress Plugin IdeaPush versions = 8.71...

EUVD-2020-2940

Malware in sbrugna...

CVE-2020-10487

CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request...

CVE-2024-11844

The CVE-2024-11844 entry concerns the IdeaPush WordPress plugin (versions up to and including 8.71). Root cause: missing capability check in the idea_push_taxonomy_save_routine allows authenticated users with Subscriber-level access or higher to delete terms in the boards taxonomy, effectively en...

CVE-2020-10487

CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request...

PT-2020-12157 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to delete a glossary term via a crafted request to the admin/manage-glossary.php endpoint. This is made possible by a CSRF flaw. Recommendations: For Chadh...