
9 matches found

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-25224

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 4.8 | EPSS 0.00305
Exploits: 2 | References: 1

OSV
added 2022/07/11 1:15 p.m. | 0 views

CVE-2022-1956

The Shortcut Macros WordPress plugin through 1.3 does not have authorisation and CSRF checks in place when updating its settings, which could allow any authenticated users, such as subscriber, to update them...

CVSS 4.3 | AI score 5.8 | EPSS 0.00305
Exploits: 2 | References: 1

ATTACKERKB
added 2022/07/11 1:15 p.m. | 5 views

CVE-2022-1956

The Shortcut Macros WordPress plugin through 1.3 does not have authorisation and CSRF checks in place when updating its settings, which could allow any authenticated users, such as subscriber, to update them...

CVSS 4.3 | AI score 5.8 | EPSS 0.00305
Exploits: 2 | References: 2

Prion
added 2022/07/11 1:15 p.m. | 16 views

Cross-site request forgery (CSRF)

The Shortcut Macros WordPress plugin through 1.3 does not have authorisation and CSRF checks in place when updating its settings, which could allow any authenticated users, such as subscriber, to update them...

CVSS 4 | AI score 4.6 | EPSS 0.00305
Exploits: 2 | References: 1 | Affected Software: 1

CVE
added 2022/07/11 12:56 p.m. | 63 views

CVE-2022-1956

CVE-2022-1956 affects the Shortcut Macros WordPress plugin (versions up to 1.3). The root cause is missing authorization and CSRF checks when updating plugin settings, enabling any authenticated user (e.g., a subscriber) to update settings. The public documents describe a CSRF attack workflow and...

CVSS 4.3 | AI score 5.3 | EPSS 0.00305
Exploits: 2 | References: 1 | Affected Software: 1

CNNVD
added 2022/07/11 12:0 a.m. | 2 views

WordPress plugin Shortcut Macros cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Shortcut Macros plugin 1.3 and earlier versions are vulnerable to cross-site request forgery, which...

CVSS 4.3 | AI score 5.4 | EPSS 0.00305
Exploits: 2 | References: 2

Positive Technologies
added 2022/07/11 12:0 a.m. | 3 views

PT-2022-14216 · WordPress · Shortcut Macros

Name of the Vulnerable Software and Affected Versions: The Shortcut Macros WordPress plugin versions 1.3 and earlier
Description: The issue is related to the lack of authorization and CSRF checks when updating settings in the plugin. This could allow any authenticated users, such as subscribers, ...

CVSS 4.3 | AI score 4.3 | EPSS 0.00305
Exploits: 2 | References: 6

WPVulnDB
added 2022/06/16 12:0 a.m. | 18 views

Shortcut Macros <= 1.3 - Subscriber+ Arbitrary Settings Update

The plugin does not have authorisation and CSRF checks in place when updating its settings, which could allow any authenticated users, such as subscriber, to update them. PoC Open the following HTML code while being logged in as a subscriber, or make any logged in user open it via a CSRF attack...

CVSS 4.3 | AI score 1.5 | EPSS 0.00305
Exploits: 2 | Affected Software: 1

wpexploit
added 2022/06/16 12:0 a.m. | 107 views

Shortcut Macros <= 1.3 - Subscriber+ Arbitrary Settings Update

The plugin does not have authorisation and CSRF checks in place when updating its settings, which could allow any authenticated users, such as subscriber, to update them. Open the following HTML code while being logged in as a subscriber, or make any logged in user open it via a CSRF attack...

CVSS 4.3 | AI score 0.4 | EPSS 0.00305
Exploits: 2