Lucene search
K

7 matches found

Packet Storm News
Packet Storm News
added 2025/05/05 12:0 a.m.2 views

A Slicing-Based Approach for Detecting and Patching Vulnerable Code Clones

Code cloning is a common practice in software development, but it poses significant security risks by propagating vulnerabilities across cloned segments. To address this challenge, we introduce srcVul, a scalable, precise detection approach that combines program slicing with Locality-Sensitive...

7.6AI score
Exploits0
NVD
NVD
added 2025/03/22 7:15 a.m.8 views

CVE-2025-2478

The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...

4.9CVSS0.00367EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/22 6:41 a.m.6 views

CVE-2025-2478 Code Clone <= 0.9 - Authenticated (Administrator+) SQL Injection via snippetId Parameter

The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...

4.9CVSS7.7AI score0.00367EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/22 6:41 a.m.14 views

CVE-2025-2478 Code Clone <= 0.9 - Authenticated (Administrator+) SQL Injection via snippetId Parameter

The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...

4.9CVSS0.00367EPSS
Exploits0References3
CVE
CVE
added 2025/03/22 6:41 a.m.58 views

CVE-2025-2478

CVE-2025-2478 (Code Clone WordPress plugin) describes a time-based SQL Injection via the snippetId parameter in versions

4.9CVSS5.4AI score0.00367EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/22 12:0 a.m.3 views

WordPress plugin Code Clone SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists i...

4.9CVSS9.3AI score0.00367EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/03/21 7:55 p.m.4 views

WordPress Code Clone plugin <= 0.9 - Authenticated (Administrator+) SQL Injection via snippetId Parameter vulnerability

Authenticated Administrator+ SQL Injection via snippetId Parameter vulnerability discovered by Hoang Phuc Vo HrxKnight in WordPress Plugin Code Clone versions = 0.9...

4.9CVSS9.5AI score0.00367EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder