12 matches found
CVE-2025-0796
The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.11. This is due to missing or incorrect nonce validation on the 'wprequalresetdefaults' action. This makes it possible for unauthenticated attackers to reset...
CVE-2025-0796 Mortgage Lead Capture System <= 8.2.11 - Cross-Site Request Forgery to Settings Reset
The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.11. This is due to missing or incorrect nonce validation on the 'wprequalresetdefaults' action. This makes it possible for unauthenticated attackers to reset...
CVE-2025-0796 Mortgage Lead Capture System <= 8.2.11 - Cross-Site Request Forgery to Settings Reset
The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.11. This is due to missing or incorrect nonce validation on the 'wprequalresetdefaults' action. This makes it possible for unauthenticated attackers to reset...
WordPress plugin Mortgage Lead Capture System 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress Mortgage Lead Capture System plugin <= 8.2.11 - Cross-Site Request Forgery to Settings Reset vulnerability
Cross-Site Request Forgery to Settings Reset vulnerability discovered by Dhabaleshwar Das in WordPress Plugin Mortgage Lead Capture System versions = 8.2.11...
Vanderbilt REDCap 安全漏洞
REDCap is a data collection and management web application. A security vulnerability exists in Vanderbilt REDCap prior to v.13.8.0, which stems from the presence of a SQL injection vulnerability that could allow a remote attacker to gain access to sensitive information via a password reset...
SQL injection vulnerability exists in kkcms (CNVD-2020-58510)
kkcms is an open source video capture and playback system. SQL injection vulnerability exists in kkcms. Attackers can exploit the vulnerability to obtain sensitive information in the database...
SQL injection vulnerability exists in kkcms (CNVD-2020-33124)
kkcms is an open source video capture and playback system . The system is mainly used to automatically capture film and television resources and provide online playback capabilities. kkcms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information database...
SQL injection vulnerability exists in kkcms (CNVD-2020-33119)
kkcms is an open source video capture and playback system . The system is mainly used to automatically capture film and television resources and provide online playback capabilities. kkcms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information database...
SQL injection vulnerability exists in kkcms (CNVD-2020-33116)
kkcms is an open source video capture and playback system . The system is mainly used to automatically capture film and television resources and provide online playback capabilities. kkcms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information database...
KKCMS backend suffers from sql injection vulnerability
kkcms is an open source video capture and playback system. KKCMS backend suffers from sql injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database...
KKCMS suffers from SQL injection vulnerability (CNVD-2020-30168)
kkcms is an open source video capture and playback system. KKCMS suffers from SQL injection vulnerability. Attackers can exploit the vulnerability to obtain sensitive information in the database...