CVE-2026-8425 | pektsekye Notify Odoo Plugin up to 1.0.1 on WordPress Setting _updateSettings cross-site request forgery

Inserito da Angelo Barbosa | Mag 15, 2026 | CVE

A vulnerability was found in pektsekye Notify Odoo Plugin up to 1.0.1 on WordPress. It has been classified as problematic. This issue affects the function _updateSettings of the component Setting Handler. This manipulation causes cross-site request forgery.

The identification of this vulnerability is CVE-2026-8425. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-8425 | pektsekye Notify Odoo Plugin up to 1.0.1 on WordPress Setting _updateSettings cross-site request forgery

Post correlati

CVE-2026-1108 | cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04 rtsp_rely_dumps buffer overflow

CVE-2024-27095 | Decidim up to 0.27.5/0.28.0 Record cross site scripting (GHSA-529p-jj47-w3m3)

CVE-2026-22255 | InternationalColorConsortium iccDEV up to 2.3.1.1 ICC Color Profile IccProfLib/IccTagLut.cpp CIccCLUT::Init input validation

CVE-2024-28111 | thinkst canarytokens prior sha-c595a1f8 Incident Export csv injection