36 matches found
WordPress Zoho Flow plugin <= 2.14.1 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by wesley wcraft in WordPress Plugin Zoho Flow versions = 2.14.1...
EUVD-2025-9296
Malicious code in bioql PyPI...
EUVD-2025-30500
Malicious code in bioql PyPI...
EUVD-2025-27632
Malicious code in bioql PyPI...
EUVD-2024-42370
Malicious code in bioql PyPI...
CVE-2025-59568
Cross-Site Request Forgery CSRF vulnerability in Zoho Flow Zoho Flow zoho-flow allows Cross Site Request Forgery.This issue affects Zoho Flow: from n/a through = 2.14.1...
CVE-2025-59568
Cross-Site Request Forgery CSRF vulnerability in Zoho Flow Zoho Flow zoho-flow allows Cross Site Request Forgery.This issue affects Zoho Flow: from n/a through = 2.14.1...
WordPress Zoho Flow Plugin <= 2.14.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Bao - BlueRock in WordPress Plugin Zoho Flow versions = 2.14.1...
CVE-2025-59568 WordPress Zoho Flow Plugin <= 2.14.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Zoho Flow Zoho Flow zoho-flow allows Cross Site Request Forgery.This issue affects Zoho Flow: from n/a through = 2.14.1...
CVE-2025-59568
Public technical details for CVE-2025-59568 are not provided in the connected documents. The Zoho Flow CSRF issue affecting Zoho Flow (
CVE-2025-59568 WordPress Zoho Flow Plugin <= 2.14.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Zoho Flow Zoho Flow allows Cross Site Request Forgery. This issue affects Zoho Flow: from n/a through 2.14.1...
PT-2025-39043
Name of the Vulnerable Software and Affected Versions Zoho Flow versions through 2.14.1 Description Zoho Flow is susceptible to Cross-Site Request Forgery CSRF. This allows an attacker to potentially perform actions on behalf of an authenticated user without their knowledge. Recommendations Updat...
WordPress plugin Zoho Flow 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
CVE-2025-8479
The Zoho Flow plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.14.1. This is due to missing or incorrect nonce validation on the zohoflowdeactivateplugin function. This makes it possible for unauthenticated attackers to modify typography setting...
CVE-2025-8479
The Zoho Flow plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.14.1. This is due to missing or incorrect nonce validation on the zohoflowdeactivateplugin function. This makes it possible for unauthenticated attackers to modify typography setting...
CVE-2025-8479 Zoho Flow <= 2.14.1 - Cross-Site Request Forgery
The Zoho Flow plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.14.1. This is due to missing or incorrect nonce validation on the zohoflowdeactivateplugin function. This makes it possible for unauthenticated attackers to modify typography setting...
CVE-2025-8479 Zoho Flow <= 2.14.1 - Cross-Site Request Forgery
The Zoho Flow plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.14.1. This is due to missing or incorrect nonce validation on the zohoflowdeactivateplugin function. This makes it possible for unauthenticated attackers to modify typography setting...
CVE-2025-8479
CVE-2025-8479: The Zoho Flow WordPress plugin (versions ≤ 2.14.1) is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation in zoho_flow_deactivate_plugin. This allows unauthenticated attackers to cause changes to typography settings by tricking an admin into a forged ...
WordPress plugin Zoho Flow 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2025-37119
The Zoho Flow plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.14.1. This is due to missing or incorrect nonce validation on the zoho flow deactivate plugin function. This makes it possible for unauthenticated attackers to modify typography...