23 matches found
CVE-2025-11993 WooCommerce Infinite Scroll and Ajax Pagination <= 1.8 - Authenticated (Subscriber+) PHP Object Injection
The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8 via the 'settings' parameter in the 'importsettings' function. This is due to deserialization of untrusted data supplied via the import...
EUVD-2023-38157
Malicious code in bioql PyPI...
CVE-2023-34033
Cross-Site Request Forgery CSRF vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin = 2.0.1 versions...
CVE-2023-34033
Cross-Site Request Forgery CSRF vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin = 2.0.1 versions...
CVE-2023-34033
A vulnerability in craigramsay Ajax Pagination and Infinite Scroll malinky-ajax-pagination.This issue affects Ajax Pagination and Infinite Scroll: from n/a through = 2.0.1...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin = 2.0.1 versions...
CVE-2023-34033
CVE-2023-34033 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Malinky Ajax Pagination and Infinite Scroll , affecting versions ≤ 2.0.1. Public sources confirm the issue as CSRF with no patch available, and recommend upgrading to a version newer than 2.0.1 as the reme...
PT-2023-24649 · WordPress · Malinky Ajax Pagination/Infinite Scroll
Name of the Vulnerable Software and Affected Versions: Malinky Ajax Pagination and Infinite Scroll plugin versions = 2.0.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application tha...
WordPress Plugin malinky-ajax-pagination Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Ajax Pagination and Infinite Scroll Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Ajax Pagination and Infinite Scroll Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Cross Site Request Forgery CSRF CVE CVE-2023-34033 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 411a2149f500 Credits...
WordPress Ajax Pagination (twitter Style) plugin path traversal vulnerability
WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers set up a personal blog site . Ajax Pagination twitter Style plugin is used in one of the paging plugin . A path traversal vulnerability exist...
CVE-2014-2674
Directory traversal vulnerability in the Ajax Pagination twitter Style plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the loop parameter in an ajaxnavigation action to wp-admin/admin-ajax.php...
CVE-2014-2674
Directory traversal vulnerability in the Ajax Pagination twitter Style plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the loop parameter in an ajaxnavigation action to wp-admin/admin-ajax.php...
CVE-2014-2674
CVE-2014-2674 affects the WordPress Ajax Pagination (twitter Style) plugin, version 1.1. A path traversal/local file inclusion vulnerability exists in the plugin’s ajax_navigation action, allowing remote attackers to read arbitrary files by injecting ".." into the loop parameter sent to wp-admin/...
Ajax Pagination 1.1 - wp-admin/admin-ajax.php loop Parameter Local File Inclusion
Plugin is still affected and has been closed...
Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion
No description provided by source...
Ajax Pagination (twitter Style) Plugin for WordPress Local File Inclusion
The Ajax Pagination twitter Style plugin for WordPress installed on the remote host is affected by a local file inclusion vulnerability due to a failure to properly sanitize user-supplied input to the 'loop' parameter of the '/wp-admin/admin-ajax.php' script. A remote, unauthenticated attacker ca...
WordPress Ajax Pagination插件'admin-ajax.php'本地文件包含漏洞
Bugtraq ID:66526 WordPress是一款内容管理系统。 由于'admin-ajax.php'脚本没有正确过滤用户提交的输入,攻击者可以利用漏洞包含本地文件,以WEB权限查看系统文件。 0 WordPress Ajax Pagination Plugin 1.1 目前没有详细解决方案: http://wordpress.org/plugins/ajax-pagination/...
WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion
Ajax Pagination plugin is prone to a file inclusion vulnerability. It is exploitable by an unauthenticated user, who can include any local file ending in “.php” which is accessible to the web user. Solution Upgrade the plugin...
Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Details ================ Software: Ajax Pagination twitter Style Version: 1.1 Homepage: http://wordpress.org/plugins/ajax-pagination/ CVSS: 9.3 High; AV:N/AC:M/Au:N/C:C/I:C/A:C Description ================ End-user exploitable local file...