CVE-2022-40700

Server-Side Request Forgery SSRF vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP – Membership plugin for WordPress a...

PT-2024-11631 · Agence Press · Css Adder By Agence-Press

Name of the Vulnerable Software and Affected Versions: Montonio for WooCommerce versions 6.0.1 and earlier Wpopal Core Features versions 1.5.8 and earlier ArcStone wp-amo versions 4.6.6 and earlier WooVirtualWallet – A virtual wallet for WooCommerce versions 2.2.1 and earlier WooVIP – Membership...

WordPress Confirm Data Plugin <= 1.0.7 is vulnerable to Server Side Request Forgery (SSRF)

Software Confirm Data Type Plugin Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2022-40700 Patch priority Low CVSS severity Low 8.2 Developer Claim ownership PSID 486c54ed7457 Credits Dave Jong Patchstack Required...

CVE-2008-2678

Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 code parameter in a confirmdata action to edit1.php and the 2 id parameter to viewmore.php...