25 matches found
CVE-2022-0949
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 6.930 does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbotsgravafingerprint AJAX action, available to unauthenticated users,...
EUVD-2021-11982
Malware in sbrugna...
EUVD-2025-26082
Malicious code in bioql PyPI...
EUVD-2023-36740
Malicious code in bioql PyPI...
PT-2025-34988
Name of the Vulnerable Software and Affected Versions: Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress versions through 11.58 Description: The plugin is susceptible to unauthorized data access due to an inadequate capability check within the...
WordPress plugin Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection 安全漏洞
WordPress and the WordPress plugin are products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Block Bad Bots and Stop Bad Bo...
CVE-2024-4355
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the stopbadbotsgetajaxdata function in all versions up to, and including, 10.23. This makes it possible for...
CVE-2023-32496
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Bill Minozzi Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin = 7.31 versions...
CVE-2021-25070
The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue...
CVE-2024-4355
The CVE-2024-4355 entry concerns the WordPress plugin Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection. The root cause is a missing capability check in the stopbadbots_get_ajax_data() function affecting all versions up to 10.24, enabling authenticated users with subs...
PT-2024-30599 · WordPress · Block Bad Bots/Stop Bad Bots Crawlers/Spiders/Anti Spam Protection
Name of the Vulnerable Software and Affected Versions: The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress versions up to, and including, 10.24 Description: The issue is related to unauthorized access of data due to a missing capability check on...
CVE-2023-32496
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Bill Minozzi Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin = 7.31 versions...
CVE-2023-32496
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Bill Minozzi Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin = 7.31 versions...
CVE-2023-32496
CVE-2023-32496 corresponds to a stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection (StopBadBots) for versions
CVE-2022-3883
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 7.24 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress....
PT-2022-24588 · WordPress · Block Bad Bots/Stop Bad Bots Crawlers/Spiders/Anti Spam Protection
Name of the Vulnerable Software and Affected Versions: The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin versions prior to 7.24 Description: The issue is related to a lack of proper authorization and CSRF protection in an AJAX action. This allows...
CVE-2022-0949
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 6.930 does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbotsgravafingerprint AJAX action, available to unauthenticated users,...
WordPress Block Bad Bots plugin SQL injection vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Block Bad Bots plugin version 6.88 before the SQL injection vulnerability, the vulnerability stems from the use of SQL...
CVE-2021-25070
The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue...
CVE-2021-25070
The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue...