2 matches found
CVE-2021-34637 Post Index <= 0.7.5 Cross-Site Request Forgery to Stored Cross-Site Scripting
The Post Index WordPress plugin is vulnerable to Cross-Site Request Forgery via the OptionsPage function found in the /php/settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.5...
CVE-2021-34637
The CVE-2021-34637 item applies to the WordPress Post Index plugin, affected through CSRF via the OptionsPage in php/settings.php, with vulnerable versions up to 0.7.5. Public references describe an attacker who can inject arbitrary web scripts, resulting in stored XSS, via a CSRF flaw. Connected...