17 matches found
CVE-2013-6797
Cross-site request forgery CSRF vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bwurl parameter in the bw-videos pag...
EUVD-2013-6599
Malware in sbrugna...
EUVD-2025-3441
Malicious code in bioql PyPI...
CVE-2025-23809
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sunil Nanda Blue Wrench Video Widget blue-wrench-videos-widget allows Reflected XSS.This issue affects Blue Wrench Video Widget: from n/a through = 2.1.0...
CVE-2025-23809
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sunil Nanda Blue Wrench Video Widget blue-wrench-videos-widget allows Reflected XSS.This issue affects Blue Wrench Video Widget: from n/a through = 2.1.0...
CVE-2025-23809
CVE-2025-23809 describes a Reflected XSS in the NotFound Blue Wrench Video Widget (affecting Blue Wrench Video Widget: from n/a through 2.1.0). The vulnerability arises from improper neutralization of input during web page generation. CVSS v3.1 vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L with bas...
PT-2025-5109 · Unknown · Blue Wrench Video Widget
Name of the Vulnerable Software and Affected Versions: Blue Wrench Video Widget versions n/a through 2.1.0 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows reflected XSS. This problem affects the...
WordPress plugin Blue Wrench Video Widget 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Blue Wrench Video Widget Plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Blue Wrench Video Widget versions = 2.1.0...
Blue Wrench Video Widget 1.0.2 - Multiple Stored Cross-Site Scripting (XSS)
The Blue Wrench Video Widget WordPress plugin was affected by a Multiple Stored Cross-Site Scripting XSS security vulnerability...
WordPress Plugin Blue Wrench Video Widget - Cross-Site Request Forgery
WordPress Plugin Blue Wrench Video Widget - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/63800/info The Blue Wrench Video Widget plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to...
WordPress Plugin Blue Wrench Video Widget - Cross-Site Request Forgery
source: https://www.securityfocus.com/bid/63800/info The Blue Wrench Video Widget plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the...
WordPress Blue Wrench Video Widget Plugin - Cross Site Request Forgery
WordPress Blue Wrench Video Widget plugin is prone to a cross-site request forgery vulnerability. It allows an attacker to gain unauthorized access to the affected application by performing certain actions in the context of an authorized user's session. Solution Upgrade the plugin...
CVE-2013-6797
Cross-site request forgery CSRF vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bwurl parameter in the bw-videos pag...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bwurl parameter in the bw-videos pag...
CVE-2013-6797
CVE-2013-6797 is a CSRF vulnerability in the WordPress plugin Blue Wrench Video Widget (bluewrench-video-widget.php) prior to version 2.0.0 . The issue allows remote attackers to hijack an administrator’s session by crafting requests that embed arbitrary URLs via the bw_url parameter on the bw-vi...
CVE-2013-6797
Cross-site request forgery CSRF vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bwurl parameter in the bw-videos pag...