21 matches found
CVE-2026-4133
The TextP2P Texting Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.7. This is due to missing nonce validation in the imTextP2POptionPage function which processes settings updates. The form at line 314 does not include a wpnoncefield,...
CVE-2026-4133 TextP2P Texting Widget <= 1.7 - Cross-Site Request Forgery to Settings Update
The TextP2P Texting Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.7. This is due to missing nonce validation in the imTextP2POptionPage function which processes settings updates. The form at line 314 does not include a wpnoncefield,...
PT-2026-34294
Name of the Vulnerable Software and Affected Versions TextP2P Texting Widget versions prior to 1.8 Description The TextP2P Texting Widget plugin for WordPress is susceptible to Cross-Site Request Forgery. This occurs because the imTextP2POptionPage function, which handles settings updates, lacks...
WordPress plugin TextP2P Texting Widget 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress TextP2P Texting Widget plugin <= 1.7 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin TextP2P Texting Widget versions = 1.7...
EUVD-2013-4611
Malware in sbrugna...
Free Apple iPhone 12? Chatbot Phish Spreads Via Texts
A mobile phishing campaign is spreading via text messages purporting to come from an Apple chatbot – and offering “free trials” of iPhone 12. The iPhone 12 is due to be released in October, and the buzz is high for Appleheads who are anxiously awaiting the launch. Cybercriminals are taking...
The RCS Texting Protocol Is Way Too Easy to Hack
Rich Communication Services promises to be the new standard for texting. Thanks to sloppy implementation, it's also a security mess...
SMS Text Messaging -PC Texting - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application SMS Text Messaging -PC Texting published at the 'play' market has multiple vulnerabilities...
Free Texting - External URLs, WebView JavaScript enabled, WebView files access vulnerabilities
HackApp vulnerability scanner discovered that application Free Texting published at the 'play' market has multiple vulnerabilities...
SimplyText: Free Texting - SMS - Customized SSL, Exported ContentProvider, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application SimplyText: Free Texting - SMS published at the 'play' market has multiple vulnerabilities...
Free Phone Calls, Free Texting - Customized SSL, Dangerous filesystem permissions, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application Free Phone Calls, Free Texting published at the 'play' market has multiple vulnerabilities...
UppTalk WiFi Calling & Texting - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application UppTalk WiFi Calling & Texting published at the 'play' market has multiple vulnerabilities...
TalkU Free Calls +Free Texting - Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application TalkU Free Calls +Free Texting published at the 'play' market has multiple vulnerabilities...
CVE-2014-5714
CVE-2014-5714 affects the Text Me! Free Texting & Call Android app (com.textmeinc.textme) version 2.5.5. The issue is that the app does not verify X.509 certificates from SSL servers, enabling potential man-in-the-middle attackers to spoof servers and access sensitive information via a crafted ce...
CVE-2014-5714
The Text Me! Free Texting & Call aka com.textmeinc.textme application 2.5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Simple, but Critical vulnerability in Verizon Portal revealed users' SMS History
A Security researcher discovered a critical privacy vulnerability on Verizon Wireless's Web-based customer portal that allows anyone to download user's SMS History and Numbers of other users he communicated with. Back in August, researcher 'Cody Collier' found that a simple URL exploit could allo...
CVE-2013-0128
The Contact Customer Support feature in the TigerText Free Private Texting app before 3.1.402 for iOS sends a log-file e-mail message with unencrypted credentials, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to an e-mail endpoint...
Design/Logic Flaw
The Contact Customer Support feature in the TigerText Free Private Texting app before 3.1.402 for iOS sends a log-file e-mail message with unencrypted credentials, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to an e-mail endpoint...
CVE-2013-0128
CVE-2013-0128 affects the TigerText Free Private Texting iOS app prior to version 3.1.402. The Contact Customer Support feature generates a log-file email containing unencrypted credentials (username and password), enabling an attacker to obtain sensitive information by network sniffing or throug...