17 matches found
EUVD-2012-1105
Malware in sbrugna...
EUVD-2012-1104
Malware in sbrugna...
EUVD-2023-27969
Malicious code in bioql PyPI...
CVE-2023-23886
Missing Authorization vulnerability in mg12 WP-RecentComments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-RecentComments: from n/a through 2.2.7...
CVE-2023-23886 WordPress WP-RecentComments plugin <= 2.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in mg12 WP-RecentComments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-RecentComments: from n/a through 2.2.7...
CVE-2023-23886 WordPress WP-RecentComments plugin <= 2.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in mg12 WP-RecentComments wp-recentcomments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-RecentComments: from n/a through = 2.2.7...
CVE-2023-23886
CVE-2023-23886 affects the WordPress WP-RecentComments plugin up to version 2.2.7. The issue is a Missing Authorization / Broken Access Control vulnerability that can disclose information due to incorrectly configured access controls. The common references describe the root cause as insufficient ...
WordPress plugin WP-RecentComments 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress WP-RecentComments Plugin <= 2.2.7 is vulnerable to Sensitive Data Exposure
Software WP-RecentComments Type Plugin Vulnerable versions = 2.2.7 Fixed in N/A OWASP Top 10 A6: Security Misconfiguration Classification Sensitive Data Exposure CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e8e792ef26a6 Credits WordFence Required privilege...
WordPress WP-RecentComments Plugin <= 2.2.7 is vulnerable to Broken Access Control
Software WP-RecentComments Type Plugin Vulnerable versions = 2.2.7 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23886 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID bef3f2d917d0 Credits Nguyen Anh Tien Required...
CVE-2012-1067
SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...
Sql injection
SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...
Cross site scripting
Cross-site scripting XSS vulnerability in the rcajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging...
CVE-2012-1067
CVE-2012-1067 affects the WP-RecentComments WordPress plugin (2.0.7) with a SQL injection via the id parameter in the rc-content action to index.php. The underlying issue is an injectable SQL command path that allows remote attackers to execute arbitrary SQL. In published materials, exploitation ...
CVE-2012-1068
The CVE-2012-1068 entry concerns the WP-RecentComments WordPress plugin (before 2.0.7). The vulnerability is an XSS in the rc_ajax function in core.php that allows an attacker to inject arbitrary web script or HTML via the page parameter, related to AJAX paging. Affected component: WordPress WP-R...
CVE-2012-1067
SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...
CVE-2012-1068
Cross-site scripting XSS vulnerability in the rcajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging...