3 matches found
EUVD-2007-2820
Malware in sbrugna...
CVE-2023-4307 Lock User Account <= 1.0.3 - Arbitrary Account Lock/Unlock via CSRF
The Lock User Account WordPress plugin through 1.0.3 does not have CSRF check when bulk locking and unlocking accounts, which could allow attackers to make logged in admins lock and unlock arbitrary users via a CSRF attack...
Nihuo Web Log Analyzer 1.6 - HTML Injection
Nihuo Web Log Analyzer 1.6 - HTML Injection source: https://www.securityfocus.com/bid/10988/info An HTML injection vulnerability is reported in Nihuo Web Log Analyzer. The problem occurs due to a lack of proper sanitization of user-supplied input data. Attackers may potentially exploit this issue...