Lucene search
+L

31 matches found

Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.9 views

PT-2024-37929 · WordPress · Secure Copy Content Protection/Content Locking

Name of the Vulnerable Software and Affected Versions: Secure Copy Content Protection and Content Locking WordPress plugin versions prior to 4.1.7 Description: The issue is related to the Secure Copy Content Protection and Content Locking WordPress plugin, which does not properly sanitise and...

4.8CVSS5.9AI score0.00377EPSS
Exploits1References7
Patchstack
Patchstack
added 2024/07/11 9:51 a.m.5 views

WordPress Secure Copy Content Protection plugin < 4.0.9 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Aryom in WordPress Plugin Secure Copy Content Protection and Content Locking versions 4.0.9...

6.5CVSS6.1AI score0.00371EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/07/11 6:15 a.m.21 views

CVE-2024-6138

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

6.5CVSS0.00371EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/11 6:0 a.m.33 views

CVE-2024-6138 Secure Copy Content Protection < 4.0.9 - Admin+ Stored XSS

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

0.00371EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2022/02/10 12:0 a.m.314 views

WordPress Secure Copy Content Protection And Content Locking 2.8.1 SQL Injection

Exploit Title: WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection Unauthenticated Date 08.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://ays-pro.com/ Software Link:...

9.8CVSS0.2AI score0.78812EPSS
Exploits7
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.329 views

WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection (Unauthenticated)

Exploit Title: WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection Unauthenticated Date 08.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://ays-pro.com/ Software Link:...

9.8CVSS9.8AI score0.78812EPSS
Exploits7
WPVulnDB
WPVulnDB
added 2021/11/08 12:0 a.m.31 views

Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection

The plugin does not escape the sccpid parameter of the ayssccpresultsexportfile AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an SQL injection. PoC...

9.8CVSS9.3AI score0.78812EPSS
Exploits7Affected Software1
CNVD
CNVD
added 2021/08/05 12:0 a.m.50 views

WordPress Secure Copy Content Protection Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.Secure Copy Content Protection plugin is an application plugin for WordPress. A SQL injection vulnerability exists in...

7.2CVSS7AI score0.01344EPSS
Exploits2References1
NVD
NVD
added 2021/08/02 11:15 a.m.24 views

CVE-2021-24484

The getreports function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard...

7.2CVSS0.01344EPSS
Exploits2References1
Prion
Prion
added 2021/08/02 11:15 a.m.13 views

Sql injection

The getreports function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard...

6.5CVSS7.3AI score0.01344EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2021/08/02 12:0 a.m.23 views

WordPress和WordPress 插件 SQL注入漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.Secure Copy Content Protection plugin is an application plugin for WordPress. A SQL injection vulnerability exists in...

7.2CVSS6AI score0.01344EPSS
Exploits2References1
Rows per page
Query Builder