3 matches found
EUVD-2021-2348
Malware in sbrugna...
CVE-2021-24780
The Single Post Exporter WordPress plugin through 1.1.1 does not have CSRF checks when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and give access to the export feature to any role such as subscriber. Subscriber users would then be able...
PHPX 3.x - images.php Cross-Site Request Forgery Arbitrary Command Execution
PHPX 3.x - images.php Cross-Site Request Forgery Arbitrary Command Execution source: https://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properl...