EUVD-2014-7806

Malware in sbrugna...

WordPress Pods – Custom Content Types and Fields plugin < 3.2.8.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Pods versions 3.2.8.1...

WordPress Pods plugin < 3.2.7.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Pods versions 3.2.7.1...

WordPress plugin Pods 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Pods plugin <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pod Form Redirect URL vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Pod Form Redirect URL vulnerability discovered by wesley wcraft in WordPress Plugin Pods versions = 3.2.1...

WordPress Pods plugin <= 3.0.10 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Nex Team in WordPress Plugin Pods versions = 3.0.10...

WordPress Pods plugin <= 3.0.10 - Authenticated (Contributor+) SQL Injection via Shortcode vulnerability

Authenticated Contributor+ SQL Injection via Shortcode vulnerability discovered by Nex Team in WordPress Plugin Pods versions = 3.0.10...

WordPress Pods plugin <= 3.0.10 - Authenticated (Contributor+) Remote Code Execution via Shortcode vulnerability

Authenticated Contributor+ Remote Code Execution via Shortcode vulnerability discovered by Nex Team in WordPress Plugin Pods versions = 3.0.10...

WordPress Pods Plugin <= 3.0.10 is vulnerable to Remote Code Execution (RCE)

Software Pods Type Plugin Vulnerable versions = 3.0.10 Fixed in 3.0.10.2 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-6999 Patch priority Medium CVSS severity Medium 9.9 Developer Pods Framework PSID 2f35523a6e52 Credits Nex Team Required privilege Contributor...

WordPress Pods Plugin <= 2.7.31 is vulnerable to Cross Site Scripting (XSS)

Software Pods Type Plugin Vulnerable versions = 2.7.31 Fixed in 2.8.23 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Pods Framework PSID c91e0056bf48 Credits Rafie Muhammad Patchstack Required privilege...

CVE-2023-23790 WordPress Pods Plugin <= 2.9.10.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Pods Framework Team Pods – Custom Content Types and Fields plugin = 2.9.10.2 versions...

WordPress Pods Plugin <= 2.9.10.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Pods Type Plugin Vulnerable versions = 2.9.10.2 Fixed in 2.9.11 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23790 Patch priority Low CVSS severity Low 7.1 Developer Pods Framework PSID f64545c57092 Credits Rafshanzani Suhada Required...

WordPress Pods 2.4.3 CSRF / Cross Site Scripting

Vulnerability title: Wordpress plugin Pods alert'xss' target="http://localhost"; for i=0; i'; CSRF 2 delete pods plugin data: CSRF 3 deactivate pods and delete data: CSRF 4 enable "roles and capab...