CVE-2025-13794 Auto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

EUVD-2024-32239

Malicious code in bioql PyPI...