49 matches found
EUVD-2021-11845
Malware in sbrugna...
EUVD-2015-9276
Malware in sbrugna...
EUVD-2015-1110
Malware in sbrugna...
EUVD-2015-9277
Malware in sbrugna...
EUVD-2024-45593
Malicious code in bioql PyPI...
CVE-2024-51669
Cross-Site Request Forgery CSRF vulnerability in Kalmang Dynamic Widgets dynamic-widgets.This issue affects Dynamic Widgets: from n/a through = 1.6.4...
CVE-2021-24933
The Dynamic Widgets WordPress plugin through 1.5.16 does not escape the prefix parameter before outputting it back in an attribute when using the termtree AJAX action available to any authenticated users, leading to a Reflected Cross-Site Scripting issue...
CVE-2015-9436
The dynamic-widgets plugin before 1.5.11 for WordPress has XSS via the wp-admin/admin-ajax.php?action=termtree prefix or widgetid parameter...
CVE-2015-9437
The dynamic-widgets plugin before 1.5.11 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=dynwid-config pagelimit parameter...
CVE-2024-51669
Cross-Site Request Forgery CSRF vulnerability in Vivwebs Dynamic Widgets.This issue affects Dynamic Widgets: from n/a through 1.6.4...
CVE-2024-51669
Cross-Site Request Forgery CSRF vulnerability in Kalmang Dynamic Widgets dynamic-widgets.This issue affects Dynamic Widgets: from n/a through = 1.6.4...
CVE-2024-51669
CVE-2024-51669: WordPress Dynamic Widgets plugin contains a Cross-Site Request Forgery (CSRF) vulnerability in versions 1.6.4 and earlier. A fix is available in 1.6.5. Patchstack notes an unauthenticated vector and low-priority severity for this entry, while NVD assigns a high base score (8.8) fo...
CVE-2024-51669 WordPress Dynamic Widgets plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Kalmang Dynamic Widgets dynamic-widgets.This issue affects Dynamic Widgets: from n/a through = 1.6.4...
CVE-2024-51669 WordPress Dynamic Widgets plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Kalmang Dynamic Widgets dynamic-widgets.This issue affects Dynamic Widgets: from n/a through = 1.6.4...
WordPress plugin Dynamic Widgets 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2024-34813 · Vivwebs · Dynamic Widgets
Name of the Vulnerable Software and Affected Versions: Vivwebs Dynamic Widgets versions 1.6.4 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the Dynamic Widgets plugin. This allows an attacker to perform unintended actions on a user's website. Users are urged to update t...
WordPress Dynamic Widgets plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Dynamic Widgets versions = 1.6.4...
WordPress Dynamic Widgets Plugin <= 1.6.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Dynamic Widgets Type Plugin Vulnerable versions = 1.6.4 Fixed in 1.6.5 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-51669 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 96b0608ca8f4 Credits Ananda Dhakal Patchstack...
WordPress plugin Dynamic Widgets SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
CVE-2015-10100
A vulnerability, which was classified as critical, has been found in Dynamic Widgets Plugin up to 1.5.10 on WordPress. This issue affects some unknown processing of the file classes/dynwidclass.php. The manipulation leads to sql injection. The attack may be initiated remotely. Upgrading to versio...