Cross-Site Request Forgery in addfreespace WordPress plugin versions up to 0.1.3 allows unauthenticated attackers to update plugin settings and inject malicious scripts by tricking site administrators into clicking a forged link, exploiting missing nonce validation on settings update functions. The vulnerability requires user interaction (administrator click) and has low impact scope (integrity only, no confidentiality or availability loss), making it a moderate-risk CSRF attack vector in typical WordPress deployments.
Authorization bypass in LXC's setuid helper lxc-user-nic allows unprivileged users to delete OpenVSwitch-attached network interfaces belonging to other users. The vulnerability exists in the find_line() function's interface name comparison logic, which sets an authorization flag based on name match alone without re-verifying ownership, enabling a tenant to cause denial of service by disconnecting containers on shared infrastructure. This affects multi-tenant deployments using lxc-user-nic with OpenVSwitch bridges and is patched in LXC 7.0.0.
Cross-Site Request Forgery (CSRF) in DX Sources plugin for WordPress up to version 2.0.1 allows unauthenticated attackers to modify plugin configuration options by tricking a logged-in administrator into clicking a malicious link. The vulnerability stems from missing nonce validation in the settings_page_build function, enabling attackers to alter plugin settings without administrative consent. No active exploitation has been confirmed at the time of analysis.
Insecure Direct Object Reference (IDOR) in AVideo's PayPalYPT plugin allows any authenticated user to cancel arbitrary PayPal billing agreements belonging to other users by supplying a victim's agreement ID to the `agreementCancel.json.php` endpoint. An attacker can silently suspend a victim's recurring subscription without authorization, causing revenue loss to the platform operator and service interruption to the victim. The vulnerability exists because the endpoint only checks that the user is logged in, but fails to verify ownership of the agreement being canceled, despite a sister endpoint (`PayPalAgreementCancel.json.php`) implementing the correct authorization check.
Race condition in PaperCut MF badge-swipe processing from HP multifunction devices allows unauthorized user login when custom badge-ID post-processing scripts transform truncated badge strings into valid credentials of different users. The vulnerability requires specific network conditions (dropped packets, out-of-order sequence counters, failed sequence reset notifications) and custom script configuration, affecting physical device authentication in networked printing environments. No public exploit identified at time of analysis.