34 matches found
EUVD-2023-46367
Malicious code in bioql PyPI...
EUVD-2023-34039
Malicious code in bioql PyPI...
EUVD-2023-34040
Malicious code in bioql PyPI...
CVE-2023-41876
Cross-Site Request Forgery CSRF vulnerability in Hardik Kalathiya WP Gallery Metabox plugin = 1.0.0 versions...
CVE-2023-2561
The Gallery Metabox for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the galleryremove function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to modify galleries attached to posts and pages with th...
CVE-2023-2562
The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...
CVE-2022-47134
Cross-Site Request Forgery CSRF vulnerability in Bill Erickson Gallery Metabox plugin = 1.5 versions...
WP Gallery Metabox <= 1.0.0 - Settings Update via CSRF
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2023-41876
Cross-Site Request Forgery CSRF vulnerability in Hardik Kalathiya WP Gallery Metabox plugin = 1.0.0 versions...
CVE-2023-41876 WordPress WP Gallery Metabox Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Hardik Kalathiya WP Gallery Metabox plugin = 1.0.0 versions...
CVE-2023-41876
CVE-2023-41876 : Cross-Site Request Forgery in the WordPress plugin WP Gallery Metabox (vendor: Hardik Kalathiya) affecting versions
WordPress Plugin wp-gallery-metabox Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress WP Gallery Metabox Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Gallery Metabox Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41876 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d78bcbd51e63 Credits Skalucy Required...
CVE-2023-2562
The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...
CVE-2023-2562
The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...
CVE-2023-2561
The Gallery Metabox for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the galleryremove function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to modify galleries attached to posts and pages with th...
CVE-2023-2561
The Gallery Metabox for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the galleryremove function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to modify galleries attached to posts and pages with th...
Design/Logic Flaw
The Gallery Metabox for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the galleryremove function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to modify galleries attached to posts and pages with th...
Design/Logic Flaw
The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...
CVE-2023-2561
CVE-2023-2561 affects the WordPress plugin Gallery Metabox (versions