WordPress plugin Featured Image from URL SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...

CVE-2022-2278

The Featured Image from URL FIFU WordPress plugin before 4.0.1 does not validate, sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite...

WordPress Save & Import Image from URL Plugin <= 0.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Save & Import Image from URL versions = 0.7...

CVE-2024-37276

CVE-2024-37276 concerns the WordPress plugin Featured Image from URL (FIFU). Public records show a Missing Authorization vulnerability allowing exploitation of incorrectly configured access control security levels in the FIFU component that handles Featured Image from URL. Affected versions are l...

PT-2024-15760 · WordPress · The Ai Engine: Chatbots

Name of the Vulnerable Software and Affected Versions: The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress versions up to, and including, 2.1.4 Description: The issue is related to arbitrary file uploads due to missing file type validation in the add image from u...

WordPress plugin Featured Image from URL (FIFU) 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

PT-2022-15412 · WordPress · Featured Image From Url

Name of the Vulnerable Software and Affected Versions: Featured Image from URL FIFU WordPress plugin versions prior to 4.0.1 Description: The issue is related to the lack of a CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...