4 matches found
WordPress plugin Random Quotes 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-13580
The XV Random Quotes WordPress plugin through 1.40 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...
CVE-2024-13580
The CVE-2024-13580 vulnerability affects the XV Random Quotes WordPress plugin (
CVE-2024-13574
CVE-2024-13574 – XV Random Quotes (WordPress) ≤ 1.40 : The vulnerability arises from insufficient sanitization/escaping of an input parameter before echoing it in the page, causing a reflected XSS that could target high-privilege users (e.g., admins). Public details about a fix/patch version are ...