EUVD-2022-33751

Malicious code in bioql PyPI...

EUVD-2022-33748

Malicious code in bioql PyPI...

WordPress Hermit plugin SQL injection vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The WordPress Hermit plugin 3.1.6 and previous versions are vulnerable to SQL injection, which stems from the la...

WordPress Hermit plugin跨站脚本漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress Hermit plugin cross-site scripting vulnerability, no details of the vulnerability are currently...

WordPress Hermit plugin SQL注入漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Hermit plugin 3.1.6 and previous versions are vulnerable to SQL injection, which can be exploited by...

WordPress Hermit plugin cross-site request forgery vulnerability

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Hermit plugin cross-site request forgery vulnerability, which can be exploited by attackers to delet...

CVE-2022-29410

Authenticated SQL Injection SQLi vulnerability in Mufeng's Hermit 音乐播放器 plugin = 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via &ids...

Cross site request forgery (csrf)

Multiple Cross-Site Request Forgery CSRF vulnerabilities in Hermit ????? plugin = 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source...

CVE-2022-29412

CVE-2022-29412 corresponds to CSRF vulnerabilities in the WordPress Hermit plugin (versions

CVE-2022-29413

The CVE-2022-29413 entry concerns Mufeng’s Hermit WordPress plugin (versions

CVE-2022-29410

CVE-2022-29410 corresponds to a SQL injection in WordPress plugin Hermit (Hermit 音乐播放器)

WordPress plugin Hermit SQL注入漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Hermit plugin 3.1.6 and previous versions are vulnerable to SQL injection, which can be exploited by...

WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Ex.Mi Patchstack in WordPress Hermit 音乐播放器 plugin versions = 3.1.6. Solution Deactivate and delete. This plugin has been closed as of April 25, 2022 and is not available for download. This closure is temporary, pending a...

WordPress plugin Hermit SQL注入漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The WordPress Hermit plugin 3.1.6 and previous versions are vulnerable to SQL injection, which stems from the la...

WordPress plugin Hermit 跨站脚本漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress Hermit plugin cross-site scripting vulnerability, no details of the vulnerability are currently...

PT-2022-19587 · Mufeng · Mufeng'S Hermit 音乐播放器 Plugin

Name of the Vulnerable Software and Affected Versions: Mufeng's Hermit 音乐播放器 plugin versions = 3.1.6 Description: The issue is related to Cross-Site Request Forgery CSRF that leads to Stored Cross-Site Scripting XSS via the title parameter. This allows for malicious script storage and execution...

Hermit <= 3.1.6 - Subscriber+ SQLi

The plugin does not sanitise and escape the ids parameter before using it in a SQL statement, leading to a SQL injection...

WordPress plugin Hermit 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Hermit plugin cross-site request forgery vulnerability, which can be exploited by attackers to delet...