2 matches found
CVE-2025-13140
creationtimestamp| type| source ---|---|--- 2025-12-02 08:13:43+00:00| seen| https://gist.github.com/Darkcrai86/6c7fa33ce9b0a93be1c3c54d84aa7521 2025-12-02 10:44:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6yr5ktuyf2j...
CVE-2025-13140 SurveyJS: Drag & Drop WordPress Form Builder <= 1.12.20 - Cross-Site Request Forgery to Survey Deletion
The SurveyJS: Drag & Drop WordPress Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12.20. This is due to missing nonce validation on the SurveyJSDeleteSurvey AJAX action. This makes it possible for unauthenticated attackers to...