6 matches found
CVE-2024-22293 WordPress BP Profile Search Plugin <= 5.5 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5...
CVE-2024-22293
The CVE-2024-22293 entry concerns the WordPress BP Profile Search plugin (versions n/a through 5.5). Affected component: BP Profile Search input handling leads to Reflected XSS (Cross-site Scripting). Root cause: improper neutralization of input during web page generation. Impact per sources: att...
CVE-2023-36687
Cross-Site Request Forgery CSRF vulnerability in Andrea Tarantini Menubar plugin = 5.8.2 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Andrea Tarantini Menubar plugin = 5.8.2 versions...
CVE-2023-36687
CVE-2023-36687 is a CSRF vulnerability in the WordPress Menubar plugin (Andrea Tarantini) up to version 5.8.2. The issue references a CSRF flaw in wpm-admin.php and has a recorded CVSS ~5.4; remediation is to upgrade to 5.9 or later. No exploit details are provided in the supplied documents. Cont...
CVE-2023-36687 WordPress Menubar Plugin <= 5.8.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Andrea Tarantini Menubar plugin = 5.8.2 versions...