10 matches found
EUVD-2022-25030
Malicious code in bioql PyPI...
CVE-2022-1749
The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createpluginatfadminsettingpage function found in the /inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and...
WordPress WPMK Ajax Finder plugin跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress WPMK Ajax Finder plugin 1.0.1 and earlier versions are vulnerable to cross-site request forgery,...
CVE-2022-1749
The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createpluginatfadminsettingpage function found in the /inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and...
CVE-2022-1749 WPMK Ajax Finder <= 1.0.1 - Cross-Site Request Forgery to Cross-Site Scripting
The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createpluginatfadminsettingpage function found in the /inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and...
CVE-2022-1749 WPMK Ajax Finder <= 1.0.1 - Cross-Site Request Forgery to Cross-Site Scripting
The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createpluginatfadminsettingpage function found in the /inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and...
CVE-2022-1749
CVE-2022-1749 concerns the WordPress plugin WPMK Ajax Finder (versions up to and including 1.0.1). The vulnerability is a Cross-Site Request Forgery (CSRF) flaw caused by a missing nonce check in the function createplugin_atf_admin_setting_page() within the file ~/inc/config/create-plugin-config....
PT-2022-14083
Name of the Vulnerable Software and Affected Versions WPMK Ajax Finder WordPress plugin versions up to and including 1.0.1 Description The issue is related to Cross-Site Request Forgery, which occurs due to a missing nonce check in the createplugin atf admin setting page function found in the...
WordPress plugin WPMK Ajax Finder 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress WPMK Ajax Finder plugin 1.0.1 and earlier versions are vulnerable to cross-site request forgery,...
WordPress WPMK Ajax Finder plugin <= 1.0.1 - Stored Cross-Site Scripting (XSS) via CSRF vulnerability
Stored Cross-Site Scripting XSS via CSRF vulnerability discovered by Tsubasa Imaizumi Cryptography Laboratory in Tokyo Denki University in WordPress WPMK Ajax Finder plugin versions = 1.0.1. Solution Deactivate and delete. This plugin has been closed as of May 17, 2022 and is not available for...