CVE-2022-1672

The Insights from Google PageSpeed WordPress plugin before 4.0.7 does not verify for CSRF before doing various actions such as deleting Custom URLs, which could allow attackers to make a logged in admin perform such actions via CSRF attacks...

CVE-2022-1672

The Insights from Google PageSpeed WordPress plugin before 4.0.7 does not verify for CSRF before doing various actions such as deleting Custom URLs, which could allow attackers to make a logged in admin perform such actions via CSRF attacks...

Cross site request forgery (csrf)

The Insights from Google PageSpeed WordPress plugin before 4.0.7 does not verify for CSRF before doing various actions such as deleting Custom URLs, which could allow attackers to make a logged in admin perform such actions via CSRF attacks...

WordPress plugin Insights from Google PageSpeed 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Insights...

Cross-Site Scripting (XSS)

prestashop/pslinklist is vulnerable to cross-site scripting. The vulnerability exists because the custom URLs are not validated in 'buildForm' function in 'CustomUrlType.php' allowing a malicious attacker to inject arbitrary scripts...

Stored XSS with custom URLs in PrestaShop module ps_linklist

Impact Stored XSS when using custom URLs. Patches The problem is fixed in 3.1.0 References Cross-site Scripting XSS - Stored CWE-79...

The vulnerability of the microprogrammed network router Advantech BB-ERT351, related to insufficient protection of the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the microprogrammed network router Advantech BB-ERT351 is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using specially crafted URLs...

Pwndrop - Self-Deployable File Hosting Service For Red Teamers, Allowing To Easily Upload And Share Payloads Over HTTP And WebDAV

pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV. If you've ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m...

CVE-2020-5273

In PrestaShop module pslinklist versions before 3.1.0, there is a stored XSS when using custom URLs. The problem is fixed in version 3.1.0...