WordPress plugin Question Answer 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

WordPress plugin Question Answer 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2021-4408

The CVE-2021-4408 entry concerns the DW Question & Answer plugin for WordPress. A Cross-Site Request Forgery flaw exists in versions up to and including 1.5.8 due to missing or incorrect nonce validation in the update_answer() function, enabling unauthenticated attackers to update answers to ques...

CVE-2021-4408 DW Question & Answer <= 1.5.8 - Cross-Site Request Forgery Bypass

The DW Question & Answer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.8. This is due to missing or incorrect nonce validation on the updateanswer function. This makes it possible for unauthenticated attackers to update answers to questions...

WordPress Plugin Question Answer Has Multiple Cross-Site Scripting Vulnerabilities

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. Multiple cross-site scripting vulnerabilities exist in WordPress plugin Question Answer v1.2.30, which can be exploited by...