11 matches found
EUVD-2021-12025
Malware in sbrugna...
EUVD-2013-2643
Malware in sbrugna...
CVE-2021-25113
The Dropdown Menu Widget WordPress plugin through 1.9.7 does not have authorisation and CSRF checks when saving its settings, allowing low privilege users such as subscriber to update them. Due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues...
CVE-2013-2704
Cross-site request forgery CSRF vulnerability in the Dropdown Menu Widget plugin 1.9.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting XSS sequences...
CVE-2021-25113
The Dropdown Menu Widget WordPress plugin through 1.9.7 does not have authorisation and CSRF checks when saving its settings, allowing low privilege users such as subscriber to update them. Due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues...
WordPress plugin Dropdown Menu Widget 跨站脚本漏洞
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress Dropdown Menu Widget has a cross-site scripting vulnerability that can be exploited by attackers ...
Dropdown Menu Widget 1.9.1 - Script Insertion CSRF
The Dropdown Menu Widget WordPress plugin was affected by a Script Insertion CSRF security vulnerability...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Dropdown Menu Widget plugin 1.9.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting XSS sequences...
CVE-2013-2704
Cross-site request forgery CSRF vulnerability in the Dropdown Menu Widget plugin 1.9.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting XSS sequences...
CVE-2013-2704
The CVE-2013-2704 entry concerns the WordPress plugin Dropdown Menu Widget (version 1.9.1). The vulnerability is described as a Cross-Site Request Forgery (CSRF) that allows remote attackers to hijack the authentication of arbitrary users for requests that insert Cross-Site Scripting (XSS) sequen...
CVE-2013-2704
Cross-site request forgery CSRF vulnerability in the Dropdown Menu Widget plugin 1.9.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting XSS sequences...