27 matches found
CVE-2021-47812 GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2)
GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit the admin-nonce parameter to inject base64-encoded payloads and create malicious custom jobs with...
CVE-2021-47812 GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2)
GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit the admin-nonce parameter to inject base64-encoded payloads and create malicious custom jobs with...
PT-2026-3182
GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit the admin-nonce parameter to inject base64-encoded payloads and create malicious custom jobs with...
CVE-2025-10588 PixelYourSite <= 11.1.2 – Cross-Site Request Forgery to GDPR Options Modification
The PixelYourSite – Your smart PIXEL TAG & API Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 11.1.2. This is due to missing or incorrect nonce validation on the adminEnableGdprAjax function. This makes it possible for unauthenticate...
CVE-2025-10588
CVE-2025-10588 affects PixelYourSite – Your smart PIXEL (TAG) & API Manager (WordPress) up to version 11.1.2. The issue is a Cross-Site Request Forgery (CSRF) vulnerability caused by missing or incorrect nonce validation in the adminEnableGdprAjax() function, enabling unauthenticated attackers to...
PT-2025-43023
Name of the Vulnerable Software and Affected Versions PixelYourSite – Your smart PIXEL TAG & API Manager plugin for WordPress versions up to and including 11.1.2 Description The software is susceptible to Cross-Site Request Forgery CSRF. This is caused by a lack of, or incorrect, nonce validation...
AdRotate < 5.8.22 - Admin+ SQL Injection
The plugin does not sanitise and escape the adrotateaction before using it in a SQL statement via the adrotaterequestaction function available to admins, leading to a SQL injection Get the nonce from one of the bulk action, for example /wp-admin/admin.php?page=adrotate and look for adrotatenonce ...