EUVD-2025-2800

Malicious code in bioql PyPI...

CVE-2025-22520

Cross-Site Request Forgery CSRF vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through = 1.1...

CVE-2025-22520

Cross-Site Request Forgery CSRF vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through = 1.1...

CVE-2025-22520 WordPress Tock Widget Plugin <= 1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through = 1.1...

CVE-2025-22520

CVE-2025-22520 – Tock Widget CSRF (Cross-Site Request Forgery) Connected sources confirm a CSRF vulnerability affecting the Tock Widget (Tock Widget,

CVE-2025-22520 WordPress Tock Widget Plugin <= 1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through = 1.1...

WordPress Tock Widget Plugin <= 1.1 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin Tock Widget versions = 1.1...

PT-2025-4513 · Unknown · Tock Widget

Name of the Vulnerable Software and Affected Versions: Tock Widget versions n/a through 1.1 Description: The issue is related to a Cross-Site Request Forgery CSRF problem, which allows for Cross Site Request Forgery. This is a type of attack where an attacker can trick a user into performing...

WordPress plugin Tock Widget 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...