4 matches found
CVE-2025-58798
Cross-Site Request Forgery CSRF vulnerability in Bjorn Manintveld BCM Duplicate Menu bcm-duplicate-menu allows Cross Site Request Forgery.This issue affects BCM Duplicate Menu: from n/a through = 1.1.3...
PT-2024-10229 · Drupal · Drupal Tooltip
Name of the Vulnerable Software and Affected Versions: Drupal Tooltip versions 0.0.0 through 1.1.2 Description: The issue is related to improper neutralization of input during web page generation, which allows Cross-Site Scripting XSS attacks. This can be exploited by a remote attacker to conduct...
WordPress Reviews Feed plugin <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update vulnerability
Missing Authorization to Authenticated Subscriber+ Limited Settings Update vulnerability discovered by Sajjad Ahmad jacksparrow in WordPress Plugin Reviews Feed versions = 1.1.2...
PT-2023-15659 · WordPress · Wp Tiles
Name of the Vulnerable Software and Affected Versions: WP Tiles WordPress plugin versions 1.1.2 and earlier Description: The issue concerns the WP Tiles WordPress plugin, which does not properly validate and escape certain shortcode attributes before outputting them in a page or post. This could...