16 matches found
EUVD-2021-11525
Malware in sbrugna...
EUVD-2024-29160
Malicious code in bioql PyPI...
CVE-2024-31264
Unauthenticated Cross Site Request Forgery CSRF in Post Views Counter = 1.4.4 versions...
CVE-2024-31264
Unauthenticated Cross Site Request Forgery CSRF in Post Views Counter = 1.4.4 versions...
CVE-2024-31264 WordPress Post Views Counter plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery CSRF in Post Views Counter = 1.4.4 versions...
CVE-2024-31264 WordPress Post Views Counter plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery CSRF in Post Views Counter = 1.4.4 versions...
CVE-2024-31264
CVE-2024-31264 refers to an unauthenticated CSRF vulnerability in the WordPress plugin Post Views Counter, affecting version
PT-2024-23908 · Unknown · Post Views Counter
Name of the Vulnerable Software and Affected Versions: Post Views Counter versions 1.4.4 and earlier Description: The issue is related to an Unauthenticated Cross Site Request Forgery CSRF in the affected software. Recommendations: For Post Views Counter versions 1.4.4 and earlier, update to a...
WordPress Plugin Post Views Counter 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...
WordPress Post Views Counter plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Brandon Roldan Patchstack Alliance in WordPress Plugin Post Views Counter versions = 1.4.4...
WordPress Post Views Counter Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Post Views Counter Type Plugin Vulnerable versions = 1.4.4 Fixed in 1.4.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31264 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 68843b34fde0 Credits Brandon Roldan...
CVE-2021-24613
The Post Views Counter WordPress plugin before 1.3.5 does not sanitise or escape its Post Views Label settings, which could allow high privilege users to perform Cross-Site Scripting attacks in the frontend even when the unfilteredhtml capability is disallowed...
CVE-2021-24613
The CVE concerns the WordPress plugin Post Views Counter, affected version: before 1.3.5. The root cause is improper sanitisation/escaping of the Post Views Label setting, enabling Cross‑Site Scripting (XSS) in the frontend when unfiltered_html is disallowed. The description notes that high‑privi...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress...
Post Views Counter < 1.3.5 - Authenticated Stored XSS
The plugin does not sanitise or escape its Post Views Label settings, which could allow high privilege users to perform Cross-Site Scripting attacks in the frontend even when the unfilteredhtml capability is disallowed PoC Put the following payload in the Post Views Label settings of the plugin...
Post Views Counter < 1.3.5 - Authenticated Stored XSS
The plugin does not sanitise or escape its Post Views Label settings, which could allow high privilege users to perform Cross-Site Scripting attacks in the frontend even when the unfilteredhtml capability is disallowed Put the following payload in the Post Views Label settings of the plugin...