3 matches found
PT-2024-17133 · WordPress · Gtpayment Donations
Name of the Vulnerable Software and Affected Versions: GTPayment Donations WordPress plugin versions 1.0.0 and earlier Description: The issue concerns a lack of CSRF check in some areas of the plugin, along with missing sanitization and escaping. This could allow attackers to make logged-in...
PT-2020-12100 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited in admin/manage-subscribers.php by adding a question mark ?...
PT-2020-12095 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited by injecting arbitrary web script or HTML in...