EUVD-2015-9196

Malware in sbrugna...

EUVD-2014-9280

Malware in sbrugna...

CVE-2015-9356

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via addqueryarg and removequeryarg, a different issue than CVE-2014-9460...

WordPress WP-ViperGB plugin <= 1.6.1 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin WP ViperGB versions = 1.6.1...

CVE-2024-4409

CVE-2024-4409 : The WP-ViperGB WordPress plugin (all versions up to 1.6.1) is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation when saving settings. This allows unauthenticated attackers to alter plugin settings by tricking an administrator into performing an act...

CVE-2024-4409 WP-ViperGB <= 1.6.1 - Cross-Site Request Forgery

The WP-ViperGB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.1. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to change the plugin's settings via a...

WordPress wp-vipergb plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. wp-vipergb is a message board plugin used in it. A cross-site scripting vulnerability exists in the WordPress wp-viper...

Code injection

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via addqueryarg and removequeryarg, a different issue than CVE-2014-9460...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the WP-ViperGB plugin before 1.3.11 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings via unspecified vectors or conduct cross-site scripting XSS attacks via th...