EUVD-2022-25157

Malicious code in bioql PyPI...

CVE-2022-1885

The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1885

The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1885

The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

Cross site request forgery (csrf)

The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1885 Cimy Header Image Rotator <= 6.1.1 - Arbitrary Settings Update via CSRF

The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1885

CVE-2022-1885 affects the Cimy Header Image Rotator WordPress plugin up to version 6.1.1. The root cause is missing CSRF protection when updating settings, enabling an attacker to induce a logged-in admin to change configurations via CSRF. Multiple sources (NVD/Red Hat/CVE lists and WPScan/WP vul...

WordPress plugin Cimy Header Image Rotator 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Cimy Header Image Rotator plugin 6.1.1 and earlier versions are vulnerable to cross-site...