Lucene search
+L

39 matches found

cnnvd
cnnvd
added 2026/05/13 12:0 a.m.11 views

quark-auto-save 安全漏洞

Quark-auto-save is a personal development tool created by Cp0204, designed for automatic transfer of data to Quark Cloud Storage and management of sign-ins. Versions of quark-auto-save prior to 0.8.5 contained security vulnerabilities. These vulnerabilities stemmed from a batch assignment...

8.8CVSS5.9AI score0.00367EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:24 a.m.9 views

CVE-2023-40671

Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...

8.8CVSS7.1AI score0.00214EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-45227

Malicious code in bioql PyPI...

8.8CVSS7.9AI score0.00214EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/09/12 7:11 a.m.14 views

CVE-2025-7843

The Auto Save Remote Images Drafts plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.9 via the fetchimages function. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to...

6.4CVSS5.8AI score0.0018EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/09/10 12:0 a.m.5 views

WordPress plugin Auto Save Remote Images (Drafts) 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

6.4CVSS6.4AI score0.0018EPSS
Exploits0References2
patchstack
patchstack
added 2025/09/09 11:19 p.m.10 views

WordPress Auto Save Remote Images (Drafts) plugin <= 1.0.9 - Authenticated (Contributor+) Server-Side Request Forgery vulnerability

Authenticated Contributor+ Server-Side Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin Auto Save Remote Images Drafts versions = 1.0.9...

6.4CVSS6.9AI score0.0018EPSS
Exploits0References1Affected Software1
redhat
redhat
added 2025/05/27 12:28 p.m.6 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00378EPSS
Exploits0References5
mskb
mskb
added 2025/01/28 12:0 a.m.11 views

January 28, 2025—KB5050094 (OS Build 26100.3037) Preview

None None...

6.1AI score
Exploits0
patchstack
patchstack
added 2024/06/03 1:49 a.m.5 views

WordPress QQWorld Auto Save Images plugin <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval vulnerability

Missing Authorization to Arbitrary Post Content Retrieval vulnerability discovered by Francesco Carlucci in WordPress Plugin QQWorld Auto Save Images versions = 1.9.8...

5.3CVSS7AI score0.00349EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/06/03 12:0 a.m.14 views

WordPress QQWorld Auto Save Images Plugin <= 1.9.8 is vulnerable to Broken Access Control

Software QQWorld Auto Save Images Type Plugin Vulnerable versions = 1.9.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1324 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 67a28d48882a Credits Francesco Carlucci...

5.3CVSS6.6AI score0.00349EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2024/06/01 6:51 a.m.33 views

CVE-2024-1324 QQWorld Auto Save Images <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval

The QQWorld Auto Save Images plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the saveremoteimagesgetautosavedresults function hooked via a norpriv AJAX in all versions up to, and including, 1.9.8. This makes it possible for unauthenticated...

5.3CVSS5.5AI score0.00349EPSS
Exploits0References2
wpvulndb
wpvulndb
added 2024/05/31 12:0 a.m.17 views

QQWorld Auto Save Images <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval

Description The QQWorld Auto Save Images plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the saveremoteimagesgetautosavedresults function hooked via a norpriv AJAX in all versions up to, and including, 1.9.8. This makes it possible for...

5.3CVSS5.5AI score0.00349EPSS
Exploits0References1
nvd
nvd
added 2023/10/06 1:15 p.m.15 views

CVE-2023-40671

Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...

8.8CVSS5.8AI score0.00214EPSS
Exploits0References1
osv
osv
added 2023/10/06 1:15 p.m.4 views

CVE-2023-40671

Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...

8.8CVSS5.8AI score0.00214EPSS
Exploits0References1
prion
prion
added 2023/10/06 1:15 p.m.16 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in ??wp DX-auto-save-images plugin = 1.4.0 versions...

6.8CVSS8.8AI score0.00214EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/10/06 12:38 p.m.15 views

CVE-2023-40671 WordPress DX-auto-save-images Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...

4.3CVSS7.4AI score0.00214EPSS
Exploits0References1
cve
cve
added 2023/10/06 12:38 p.m.65 views

CVE-2023-40671

CVE-2023-40671 concerns the WordPress plugin DX-auto-save-images (vulnerable

8.8CVSS6.5AI score0.00214EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/10/06 12:38 p.m.22 views

CVE-2023-40671 WordPress DX-auto-save-images Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...

4.3CVSS9AI score0.00214EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/10/06 12:0 a.m.6 views

PT-2023-27591 · 大侠Wp · Dx-Auto-Save-Images

Name of the Vulnerable Software and Affected Versions: 大侠wp DX-auto-save-images plugin versions 1.4.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the use...

8.8CVSS7.5AI score0.00214EPSS
Exploits0References6
cnnvd
cnnvd
added 2023/10/06 12:0 a.m.5 views

WordPress Plugin dx-auto-save-images Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

8.8CVSS6.6AI score0.00214EPSS
Exploits0References2
Rows per page
Query Builder