39 matches found
quark-auto-save 安全漏洞
Quark-auto-save is a personal development tool created by Cp0204, designed for automatic transfer of data to Quark Cloud Storage and management of sign-ins. Versions of quark-auto-save prior to 0.8.5 contained security vulnerabilities. These vulnerabilities stemmed from a batch assignment...
CVE-2023-40671
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
EUVD-2023-45227
Malicious code in bioql PyPI...
CVE-2025-7843
The Auto Save Remote Images Drafts plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.9 via the fetchimages function. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to...
WordPress plugin Auto Save Remote Images (Drafts) 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
WordPress Auto Save Remote Images (Drafts) plugin <= 1.0.9 - Authenticated (Contributor+) Server-Side Request Forgery vulnerability
Authenticated Contributor+ Server-Side Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin Auto Save Remote Images Drafts versions = 1.0.9...
thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link
The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...
January 28, 2025—KB5050094 (OS Build 26100.3037) Preview
None None...
WordPress QQWorld Auto Save Images plugin <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval vulnerability
Missing Authorization to Arbitrary Post Content Retrieval vulnerability discovered by Francesco Carlucci in WordPress Plugin QQWorld Auto Save Images versions = 1.9.8...
WordPress QQWorld Auto Save Images Plugin <= 1.9.8 is vulnerable to Broken Access Control
Software QQWorld Auto Save Images Type Plugin Vulnerable versions = 1.9.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1324 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 67a28d48882a Credits Francesco Carlucci...
CVE-2024-1324 QQWorld Auto Save Images <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval
The QQWorld Auto Save Images plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the saveremoteimagesgetautosavedresults function hooked via a norpriv AJAX in all versions up to, and including, 1.9.8. This makes it possible for unauthenticated...
QQWorld Auto Save Images <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval
Description The QQWorld Auto Save Images plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the saveremoteimagesgetautosavedresults function hooked via a norpriv AJAX in all versions up to, and including, 1.9.8. This makes it possible for...
CVE-2023-40671
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
CVE-2023-40671
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in ??wp DX-auto-save-images plugin = 1.4.0 versions...
CVE-2023-40671 WordPress DX-auto-save-images Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
CVE-2023-40671
CVE-2023-40671 concerns the WordPress plugin DX-auto-save-images (vulnerable
CVE-2023-40671 WordPress DX-auto-save-images Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in 大侠wp DX-auto-save-images plugin = 1.4.0 versions...
PT-2023-27591 · 大侠Wp · Dx-Auto-Save-Images
Name of the Vulnerable Software and Affected Versions: 大侠wp DX-auto-save-images plugin versions 1.4.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the use...
WordPress Plugin dx-auto-save-images Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...