12 matches found
CVE-2025-11816
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...
CVE-2025-11816
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...
CVE-2025-11816
CVE-2025-11816 concerns the WP Legal Pages (Privacy Policy Generator, Terms & Conditions Generator) WordPress plugin. Wordfence reports that all versions up to and including 3.5.1 are vulnerable due to a missing capability check in disconnect_account_request(), enabling unauthenticated attackers ...
EUVD-2020-2655
Malware in sbrugna...
Online Pizza Ordering 1.0 Shell Upload
Title: Online-Pizza-Ordering-1.0 File-Inclusion-RCE Author: nu11secur1ty Date: 03.30.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Reference: https://portswigger.net/web-security/file-upload...
CVE-2021-46252
A Cross-Site Request Forgery CSRF in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses...
CVE-2021-46252
A Cross-Site Request Forgery CSRF in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses...
CVE-2021-46252
A Cross-Site Request Forgery CSRF in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses...
Wiki Scratch -confirmaccount-v3 跨站请求伪造漏洞
Wiki Scratch -confirmaccount-v3 is a software application. Wiki Scratch -confirmaccount-v3 suffers from a cross-site request forgery vulnerability that stems from the software's lack of validation for cross-site request forgery tokens. An attacker could use this vulnerability to modify an account...
Postmates: Web cache poisoning attack leads to user information and more
Hello, Your Web-Server is vulnerable to web cache poisoning attacks. This means, that the attacker are able to get another user informations. If you are logged in and visit this website For example: https://postmates.com/SomeRandomText.css Then the server will store the information in the cache,...
CVE-2018-14873
An issue was discovered in Rincewind 0.1. There is a cross-site scripting XSS vulnerability involving a p=account request to index.php and another file named commonPages.php...
CVE-2018-14873
An issue was discovered in Rincewind 0.1. There is a cross-site scripting XSS vulnerability involving a p=account request to index.php and another file named commonPages.php...