2 matches found
CVE-2021-34634
The Nifty Newsletters WordPress plugin is vulnerable to Cross-Site Request Forgery via the solanlwphead function found in the /sola-newsletters.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.23...
WordPress 跨站请求伪造漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Nifty Newsletters plugin 4.0.23 and earlier...