30 matches found
EUVD-2019-15595
Malware in sbrugna...
EUVD-2024-19739
Malicious code in bioql PyPI...
EUVD-2025-4039
Malicious code in bioql PyPI...
CVE-2024-22143
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check.This issue affects WP Spell Check: from n/a through 9.17...
CVE-2022-2658
The WP Spell Check WordPress plugin before 9.13 does not escape ignored words, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2019-6027
Cross-site request forgery CSRF vulnerability in WP Spell Check 7.1.9 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2025-25111
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check WP Spell Check wp-spell-check allows Cross Site Request Forgery.This issue affects WP Spell Check: from n/a through = 9.21...
CVE-2025-25111
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check WP Spell Check wp-spell-check allows Cross Site Request Forgery.This issue affects WP Spell Check: from n/a through = 9.21...
CVE-2025-25111
CVE-2025-25111 (WP Spell Check) is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin WP Spell Check up to version 9.21. The initial document shows a CVSS v3.1 base score of 5.4 (MEDIUM) with metrics: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L. Several sources (NVD, Red Hat...
CVE-2025-25111 WordPress WP Spell Check plugin <= 9.21 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check WP Spell Check wp-spell-check allows Cross Site Request Forgery.This issue affects WP Spell Check: from n/a through = 9.21...
CVE-2025-25111 WordPress WP Spell Check plugin <= 9.21 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check WP Spell Check wp-spell-check allows Cross Site Request Forgery.This issue affects WP Spell Check: from n/a through = 9.21...
CVE-2024-22143
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check.This issue affects WP Spell Check: from n/a through 9.17...
CVE-2024-22143
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check.This issue affects WP Spell Check: from n/a through 9.17...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check.This issue affects WP Spell Check: from n/a through 9.17...
CVE-2024-22143 WordPress WP Spell Check Plugin <= 9.17 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in WP Spell Check.This issue affects WP Spell Check: from n/a through 9.17...
CVE-2024-22143
CVE-2024-22143 describes a Cross-Site Request Forgery (CSRF) in the WordPress WP Spell Check plugin affecting versions up to 9.17. The vulnerability is reported as unauthenticated and can impact the plugin’s exposed actions, with CVSS metrics from NVD noting high impact (C/H, I/H, A/H) and overal...
WP Spell Check < 9.18 - Cross-Site Request Forgery
Description The WP Spell Check plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.17. This is due to missing or incorrect nonce validation on the wpscxadminemptyrender function. This makes it possible for unauthenticated attackers to update an...
CVE-2022-2658 WP Spell Check < 9.13 - Admin+ Stored Cross-Site Scripting
The WP Spell Check WordPress plugin before 9.13 does not escape ignored words, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-2658
The CVE-2022-2658 entry concerns the WordPress WP Spell Check plugin prior to version 9.13, which does not escape ignored words. This allows Stored Cross-Site Scripting by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (notably in multisite setups). Root cause is imp...
PT-2023-12874 · WordPress · Wp Spell Check
Name of the Vulnerable Software and Affected Versions: WP Spell Check versions prior to 9.13 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example in multisite setups...