13 matches found
EUVD-2024-31345
Malicious code in bioql PyPI...
EUVD-2024-37570
Malicious code in bioql PyPI...
CVE-2021-24932
The Auto Featured Image Auto Post Thumbnail WordPress plugin before 3.9.3 does not sanitise and escape the postid parameter before outputting back in an admin page within a JS block, leading to a Reflected Cross-Site Scripting issue...
CVE-2024-38719
Missing Authorization vulnerability in Creative Motion Auto Featured Image Auto Post Thumbnail allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Featured Image Auto Post Thumbnail: from n/a through 4.1.2...
WordPress plugin Auto Featured Image (Auto Post Thumbnail) security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
CVE-2023-7073 Auto Featured Image (Auto Post Thumbnail) <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary AJAX action. This makes it possible for authenticated attackers, with author-level access and above, to make web reques...
CVE-2024-33629
Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image Auto Post Thumbnail. This issue affects Auto Featured Image Auto Post Thumbnail: from n/a through 4.0.0...
CVE-2024-33629
CVE-2024-33629 corresponds to a Server-Side Request Forgery in the WordPress plugin Auto Featured Image (Auto Post Thumbnail) up to version 4.0.0. Connected sources confirm the vulnerability is authenticated (Author+) and an active patch status is Unpatched in public advisories; no explicit fix v...
WordPress plugin Auto Featured Image (Auto Post Thumbnail) code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...
WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 4.1.3 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery (SSRF) vulnerability discovered by Yuchen Ji (Patchstack Alliance) in WordPress Plugin Auto Featured Image Auto Post Thumbnail (versions <= 4.1.3)...
WordPress Auto Featured Image (Auto Post Thumbnail) Plugin < 3.9.16 is vulnerable to Arbitrary File Upload
Software: Auto Featured Image Auto Post Thumbnail; Type: Plugin; Vulnerable versions: < 3.9.16; Fixed in: 3.9.16; OWASP Top 10: A1: Injection; Classification: Arbitrary File Upload; CVE: CVE-2023-0477; Patch priority: High; CVSS severity: High 9.1; Developer: Claim ownership; PSID: ad8cfc8bf738; Credits: dc11; Required...
CVE-2021-24932
The Auto Featured Image Auto Post Thumbnail WordPress plugin before 3.9.3 does not sanitise and escape the postid parameter before outputting back in an admin page within a JS block, leading to a Reflected Cross-Site Scripting issue...
CVE-2021-24932
The CVE-2021-24932 entry concerns the WordPress plugin Auto Featured Image (Auto Post Thumbnail) prior to version 3.9.3. The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw caused by insufficient sanitisation/escaping of the post_id parameter in an admin page output within a JS block...