Lucene search
K

24 matches found

CNNVD
CNNVD
added 2021/04/12 12:0 a.m.6 views

WordPress 插件 跨站请求伪造漏洞

Patreon is a subscription-based crowdfunding platform and Patreon WordPress is a WordPress plugin for the platform. A cross-site request forgery vulnerability exists in Patreon WordPress versions prior to 1.7.0. An attacker can exploit this vulnerability by tricking an administrator into visiting...

6.5CVSS5.4AI score0.00575EPSS
Exploits1References3
OSV
OSV
added 2021/04/05 7:15 p.m.5 views

CVE-2021-24162

In the Reponsive Menu free and Pro WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in...

8.8CVSS7.2AI score0.00796EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2021/03/25 12:18 p.m.5 views

postgresql: Uncontrolled search path element in CREATE EXTENSION

A flaw was found in PostgreSQL, where some PostgreSQL extensions did not use the searchpath safely in their installation script. This flaw allows an attacker with sufficient privileges to trick an administrator into executing a specially crafted script during the extension's installation or updat...

7.3CVSS7.1AI score0.00532EPSS
Exploits0References4
CNVD
CNVD
added 2016/12/19 12:0 a.m.1 views

Wordpress Quiz And Survey Master Plugin Cross-Site Request Forgery Vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . A cross-site request forgery vulnerability exists in the Wordpress Quiz And Survey Master plugin. Attackers can...

6.7AI score
Exploits0References1
Rows per page
Query Builder