32 matches found
EUVD-2025-31302
Malicious code in bioql PyPI...
EUVD-2024-48347
Malicious code in bioql PyPI...
EUVD-2024-30327
Malicious code in bioql PyPI...
CVE-2025-60098
Missing Authorization vulnerability in Jeff Farthing Theme My Login theme-my-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theme My Login: from n/a through = 7.1.12...
WordPress Theme My Login Plugin <= 7.1.12 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Psai in WordPress Plugin Theme My Login versions = 7.1.12...
CVE-2025-60098
Missing Authorization vulnerability in Jeff Farthing Theme My Login theme-my-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theme My Login: from n/a through = 7.1.12...
CVE-2025-60098
CVE-2025-60098 is a confirmed Missing Authorization vulnerability in the WordPress plugin Theme My Login , affecting versions up to 7.1.12. CVSS v3.1 base score 6.5 (Medium) with NETWORK attack vector, LOW complexity, no privileges required, and LOW impact on availability; impact primarily to con...
CVE-2025-60098 WordPress Theme My Login Plugin <= 7.1.12 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Jeff Farthing Theme My Login theme-my-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theme My Login: from n/a through = 7.1.12...
CVE-2025-60098 WordPress Theme My Login Plugin <= 7.1.12 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Jeff Farthing Theme My Login theme-my-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theme My Login: from n/a through = 7.1.12...
PT-2025-39545
Name of the Vulnerable Software and Affected Versions Theme My Login versions through 7.1.12 Description An authorization issue exists in Theme My Login, allowing exploitation of incorrectly configured access control security levels. Recommendations Update Theme My Login to a version later than...
WordPress plugin Theme My Login security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2024-32525
Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: from n/a through 7.1.6...
CVE-2024-7422
The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7. This is due to missing or incorrect nonce validation on the tmladminsavemssettings function. This makes it possible for unauthenticated attackers to update the theme's...
CVE-2024-7422 Theme My Login <= 7.1.7 - Cross-Site Request Forgery to Settings Update
The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7. This is due to missing or incorrect nonce validation on the tmladminsavemssettings function. This makes it possible for unauthenticated attackers to update the theme's...
CVE-2024-7422
CVE-2024-7422 (Theme My Login for WordPress) is a CSRF vulnerability in the Theme My Login plugin that affects multi-site WordPress installations. It arises from missing or incorrect nonce validation in the tml_admin_save_ms_settings() function, enabling an unauthenticated attacker to forge a req...
WordPress Theme My Login plugin <= 7.1.7 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by vgo0 in WordPress Plugin Theme My Login versions = 7.1.7...
WordPress Theme My Login Plugin <= 7.1.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Theme My Login Type Plugin Vulnerable versions = 7.1.7 Fixed in 7.1.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7422 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3496bb32e539 Credits vgo0 Required privile...
CVE-2024-32525
Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: from n/a through 7.1.6...
CVE-2024-32525 WordPress Theme My Login plugin <= 7.1.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: from n/a through 7.1.6...
CVE-2024-32525 WordPress Theme My Login plugin <= 7.1.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: from n/a through 7.1.6...