11 matches found
WordPress CWW Companion plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin CWW Companion versions = 1.3.2...
CVE-2025-67473 WordPress CWW Companion plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in codeworkweb CWW Companion cww-companion allows Cross Site Request Forgery.This issue affects CWW Companion: from n/a through = 1.3.2...
CVE-2025-67473 WordPress CWW Companion plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in codeworkweb CWW Companion cww-companion allows Cross Site Request Forgery.This issue affects CWW Companion: from n/a through = 1.3.2...
CVE-2025-67473
Technical details for CVE-2025-67473 are not publicly provided in the supplied documents. No vendor, product version, impact, or remediation details are present in the connected sources. Monitor for updates and authoritative disclosures.
WordPress plugin CWW Companion 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
PT-2025-49889
CVE-2025-67473 Cross-Site Request Forgery CSRF vulnerability in codeworkweb CWW Companion cww-companion allows Cross Site Request Forgery.This issue affects CWW Companion: from n/… https://t.co/oYg89RTUP9...
EUVD-2024-27094
Malicious code in bioql PyPI...
CVE-2024-2130
CVE-2024-2130 affects the CWW Companion WordPress plugin. It is a Stored XSS via the Module2 widget in versions up to 1.2.7 caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires contributor-level or higher authentication and can inject sc...
WordPress Plugin CWW Companion Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2024-18852 · WordPress · Cww Companion
Name of the Vulnerable Software and Affected Versions: CWW Companion plugin for WordPress versions up to, and including, 1.2.7 Description: The issue is related to Stored Cross-Site Scripting via the Module2 widget due to insufficient input sanitization and output escaping on user-supplied...
WordPress CWW Companion Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)
Software CWW Companion Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2130 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 885abf006ca4 Credits Francesco Carlucci Require...