588 matches found
CVE-2017-20095
CVE-2017-20095 affects the WordPress plugin Simple Ads Manager . The connected sources describe a remote, network-exploitable vulnerability that leads to code injection due to manipulation of unknown code. Public documentation labels it as critical/high impact (e.g., NVD CVSS v3.1 base score 9.8,...
CVE-2017-20095 Simple Ads Manager Plugin code injection
A vulnerability classified as critical was found in Simple Ads Manager Plugin. This vulnerability affects unknown code. The manipulation leads to code injection. The attack can be initiated remotely...
CVE-2017-20093
CVE-2017-20093 affects WordPress Plugin Download Manager (version 2.8.99). Multiple sources describe a cross-site request forgery vulnerability in an unspecified/unknown function, with remote exploitation possible. No concrete patch/version remediation is stated in the provided documents; further...
CVE-2017-20093 Download Manager Plugin cross-site request forgery
A vulnerability, which was classified as problematic, was found in Download Manager Plugin 2.8.99. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely...
CVE-2017-20093 Download Manager Plugin cross-site request forgery
A vulnerability, which was classified as problematic, was found in Download Manager Plugin 2.8.99. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely...
CVE-2017-20091
A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2017-20091
A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
Cross site request forgery (csrf)
A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2017-20091 File Manager Plugin cross-site request forgery
A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2017-20091 File Manager Plugin cross-site request forgery
A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely...
CVE-2017-20091
The CVE-2017-20091 entry concerns the WordPress File Manager Plugin version 3.0.1, where a cross-site request forgery (CSRF) vulnerability exists due to missing or improper request/token validation. The issue enables remote initiation of CSRF actions against the plugin, with the attack affecting ...
Cross site request forgery (csrf)
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the...
CVE-2017-20054 XYZScripts Contact Form Manager Plugin cross site scriting
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and...
CVE-2017-20054
CVE-2017-20054 concerns a basic cross-site scripting vulnerability in the XYZScripts Contact Form Manager Plugin (WordPress ecosystem). The issue affects an unspecified portion of functionality, can be triggered remotely, and the exploit has been disclosed publicly. The connected records confirm ...
CVE-2017-20054 XYZScripts Contact Form Manager Plugin cross site scriting
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and...
CVE-2022-29406
CVE-2022-29406 affects the DynamicWebLab WordPress Team Manager plugin
WordPress Useful Banner Manager plugin跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Useful Banner Manager plugin version 1.6.1 and earlier versions are vulnerable to cross-site reques...
CVE-2022-1985
The Download Manager Plugin for WordPress is vulnerable to reflected Cross-Site Scripting in versions up to, and including 3.2.42. This is due to insufficient input sanitization and output escaping on the 'frameid' parameter found in the /src/Package/views/shortcode-iframe.php file...
CVE-2022-1985
CVE-2022-1985 affects WordPress Download Manager plugin up to version 3.2.42. The vulnerability is a reflected Cross-Site Scripting due to insufficient sanitization/escaping of the frameid parameter in the shortcode-iframe.php file. Impact described as XSS; no exploit details provided in the init...
PT-2022-14237 · WordPress · Download Manager Plugin
Name of the Vulnerable Software and Affected Versions: Download Manager Plugin for WordPress versions up to, and including 3.2.42 Description: The issue is related to reflected Cross-Site Scripting due to insufficient input sanitization and output escaping on the frameid parameter found in the...