6234 matches found
CVE-2022-1239
The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the editposts capability by default contributor and above to perform SSRF attacks...
CVE-2022-1239
The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the editposts capability by default contributor and above to perform SSRF attacks...
WordPress plugin HubSpot 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. versions of the WordPress HubSpot plugin prior to 8.8.15 are vulnerable to server-side request...
Warning! Instagram Stories hides a scam in plain sight
When someone finds their social media account compromised, they first think about letting their followers know. And they do. They warn others from reading any strange posts, usually containing a rogue link, before they sort out the matter behind the scenes. Some curious followers who missed these...
CVE-2022-0363
The myCred WordPress plugin before 2.4.3.1 does not have any authorisation and CSRF checks in the mycred-tools-import-export AJAX action, allowing any authenticated users, such as subscribers, to call it and import mycred setup, thus creating badges, managing points or creating arbitrary posts...
WordPress plugin myCred 安全漏洞
WordPress is a set of blogging platform developed using the PHP language. myCred 2.4.4, a WordPress plugin, previously had an authorization issue vulnerability, which stems from the plugin's failure to perform any authorization and CSRF checks in the myCred tool's import and export AJAX operation...
Sourcecodester Baby Care System SQL注入漏洞(CNVD-2022-35527)
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in the find= parameter of...
CVE-2022-28424
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&find=...
CVE-2022-28424
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&find=...
CVE-2022-28423
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=delete...
CVE-2022-28422
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=edit...
CVE-2022-28423
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=delete...
CVE-2022-28422
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=edit...
Sql injection
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&find=...
Sql injection
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=edit...
Sourcecodester Baby Care System SQL注入漏洞
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=posts...
Sourcecodester Baby Care System SQL注入漏洞
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in the find= parameter of...
Sourcecodester Baby Care System SQL注入漏洞
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin.php?id=posts...
DEBIAN-CVE-2011-1762
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publishposts' permission...
CVE-2011-1762
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publishposts' permission...