10 matches found
DEBIAN-CVE-2021-29970
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. This bug could only be triggered when accessibility was enabled.. This vulnerability affects Thunderbird 78.12, Firefox ESR 78.12, and Firefox 90...
WordPress 3.9.x < 3.9.15 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...
WordPress 4.2.x < 4.2.11 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...
WordPress Cross-Site Request Forgery Vulnerability (CNVD-2017-00613)
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the widget-editingaccessibility-mode feature in WordPres...
CVE-2017-5492
Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
DEBIAN-CVE-2017-5492
Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
CVE-2017-5492
Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
CVE-2017-5492
Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
...