Lucene search
K

26 matches found

CNNVD
CNNVD
added 2024/02/29 12:0 a.m.6 views

WordPress Plugin Perfmatters Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS6.7AI score0.00408EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.4 views

WordPress Plugin perfmatters Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.5CVSS6.5AI score0.00368EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/11/29 12:0 a.m.16 views

Perfmatters < 2.1.7 - Cross-Site Request Forgery

Description The Perfmatters plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.6. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unknown action...

8.8CVSS9.4AI score0.0024EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/29 12:0 a.m.14 views

Perfmatters < 2.1.7 - Missing Authorization

Description The Perfmatters plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on one of its functions in all versions up to, and including, 2.1.6. This makes it possible for subscriber-level attackers to invoke this function...

8.8CVSS9.3AI score0.00408EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.19 views

WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Perfmatters Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47875 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 02a9c657f03b Credits Dave Jong Patchstack...

8.8CVSS7AI score0.0024EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/21 12:0 a.m.9 views

WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Perfmatters Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47876 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e0a42388bb5d Credits Dave Jong Patchstack Required...

7.1CVSS6.8AI score0.00412EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder