29 matches found
CVE-2023-52133
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WhileTrue Most And Least Read Posts Widget.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.16...
CVE-2023-52133
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WhileTrue Most And Least Read Posts Widget.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.16...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WhileTrue Most And Least Read Posts Widget.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.16...
CVE-2023-52133
CVE-2023-52133 affects the Most And Least Read Posts Widget plugin (WordPress). The vulnerability is an SQL Injection in widget settings that can be exploited by an authenticated user with Contributor+ privileges. Affected range is from n/a through version 2.5.16; the entry notes the issue was pa...
PT-2023-31926 · Unknown · Whiletrue Most/Least Read Posts Widget
Name of the Vulnerable Software and Affected Versions: WhileTrue Most And Least Read Posts Widget versions 2.5.16 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows for potential...
WordPress Plugin Most And Least Read Posts Widget SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Most And Least Read Posts...
CVE-2020-36730
The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmpgetpostdetail, niteoexportcsv, and cmpdisablecomingsoonajax functions in versions up to, and including, 3.8.1. This makes it possible for unauthenticated attackers to read posts, export...
CVE-2020-8278
Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user...
Improper access control to messages of Social app (NC-SA-2020-042)
Improper access control in Social app 0.3.1 allowed to read posts of any user...