EUVD-2023-56079

Malicious code in bioql PyPI...

CVE-2023-51358

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

CVE-2023-51358

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

CVE-2023-51358

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

CVE-2023-51358

CVE-2023-51358 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Block IPs for Gravity Forms . Public records indicate it affects the Gravity Forms Block IPs feature up to version 1.0.1 , with patches applying in newer releases. The connected documents do not provide ex...

PT-2023-31789 · Unknown · Bright Plugins Block Ips For Gravity Forms

Name of the Vulnerable Software and Affected Versions: Bright Plugins Block IPs for Gravity Forms versions 1.0.1 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed. This can be exploited by tricking a user into...

Unspecified vulnerability in WordPress login-block-ips plugin

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2022-1579 Login Block IPs <= 1.0.0 - IP Spoofing Bypass

The function checkisloginpage uses headers for the IP check, which can be easily spoofed...

WordPress plugin login-block-ips 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Login Block IPs Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2022-3098

The Login Block IPs WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-3098

The Login Block IPs WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-3098

The CVE-2022-3098 entry describes a CSRF vulnerability in the WordPress plugin Login Block IPs, affecting version 1.0.0 and earlier. The issue stems from the plugin not performing a CSRF check when updating its settings, which could allow a logged-in administrator to have their settings changed v...

WordPress plugin Login Block IPs 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress Login Block IPs plugin <= 1.0.0 - Arbitrary Setting Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Setting Update via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress Login Block IPs plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of September 5, 2022 and is not available for download. This closure is temporar...

Login Block IPs <= 1.0.0 - Arbitrary Setting Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack Make a logged in admin open a page containing the HTML code below input type="text" name="ip11" value="...