7 matches found
WordPress Auto Save Remote Images (Drafts) plugin <= 1.0.9 - Authenticated (Contributor+) Server-Side Request Forgery vulnerability
Authenticated Contributor+ Server-Side Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin Auto Save Remote Images Drafts versions = 1.0.9...
CVE-2025-24543
Cross-Site Request Forgery CSRF vulnerability in RSTheme Ultimate Coming Soon & Maintenance allows Cross Site Request Forgery. This issue affects Ultimate Coming Soon & Maintenance: from n/a through 1.0.9...
WordPress Files Download Delay plugin <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Files Download Delay versions = 1.0.9...
WordPress plugin Navayan CSV Export SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability...
WordPress BlogLentor – Blog Designer Pack for Elementor plugin <=1.0.9 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin BlogLentor versions = 1.0.9...
@adobe/target-decisioning-engine (>=1.0.0 <=1.5.1), @agriyadev5/react-jsonschema-form (>=1.8.1 <=1.8.3) +132 more potentially affected by unknown CVE via json-logic-js (>=1.0.9 <=1.2.3)
json-logic-js NPM version =1.0.9, =1.0.0, =1.8.1, =2.29.12, =0.1.7, =1.0.4, =0.2.52, =0.0.1, =4.11.1-rc.8, =3.0.0-rc.23, =3.29.6-1, =3.1.12-1, =3.29.7-12, =3.29.15 and more Source cves: unknown CVE Source advisory: OSV:GHSA-M9HW-7XFV-WQG7...
sysPass 'getAccounts' Parameter SQL Injection Vulnerability
sysPass is a PHP-based Web password manager. A SQL injection vulnerability exists in sysPass 1.0.9 and earlier versions, which stems from the ajax/ajaxsearch.php script not adequately filtering the 'search' parameter. A remote attacker can exploit this vulnerability to execute arbitrary SQL...