35 matches found
CVE-2024-51647
The CVE-2024-51647 entry concerns the WordPress Featured Posts Scroll plugin, versions 1.25 and earlier. The vulnerability is CSRF that enables Stored XSS within the plugin. PT-2024-34791 provides a practical note: a CSRF flaw allows stored XSS; workaround recommendations include disabling exploi...
CVE-2024-51647 WordPress Featured Posts Scroll plugin <= 1.25 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25...
CVE-2024-51647 WordPress Featured Posts Scroll plugin <= 1.25 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25...
WordPress plugin Featured Posts Scroll 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
PT-2024-16643 · WordPress · Featured Posts Scroll
Name of the Vulnerable Software and Affected Versions: Featured Posts Scroll plugin for WordPress versions up to, and including, 1.25 Description: The issue is due to missing or incorrect nonce validation on a function, making it possible for unauthenticated attackers to update settings and injec...
WordPress Featured Posts Scroll plugin <= 1.25 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Featured Posts Scroll versions = 1.25...
WordPress Featured Posts Scroll Plugin <= 1.25 is vulnerable to Cross Site Request Forgery (CSRF)
Software Featured Posts Scroll Type Plugin Vulnerable versions = 1.25 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51647 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 4e8c9b0726a9 Credits SOPROBRO Require...
CVE-2024-48031
Cross-Site Request Forgery CSRF vulnerability in sumitsurai Featured Posts with Multiple Custom Groups FPMCG featured-posts-with-multiple-custom-groups-fpmcg allows Cross Site Request Forgery.This issue affects Featured Posts with Multiple Custom Groups FPMCG: from n/a through = 4.0...
CVE-2024-48032
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sumitsurai Featured Posts with Multiple Custom Groups FPMCG featured-posts-with-multiple-custom-groups-fpmcg allows Reflected XSS.This issue affects Featured Posts with Multiple Custom Groups FPMCG...
PT-2024-32950 · Unknown · Featured Posts With Multiple Custom Groups
Name of the Vulnerable Software and Affected Versions: Featured Posts with Multiple Custom Groups FPMCG versions n/a through 4.0 Description: This issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. It allows for Reflected XS...
PT-2024-32949 · Unknown · Featured Posts With Multiple Custom Groups
Name of the Vulnerable Software and Affected Versions: Featured Posts with Multiple Custom Groups FPMCG versions n/a through 4.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross Site Request Forgery. Recommendations: For versions n/a through 4.0, update ...
WordPress plugin Featured Posts with Multiple Custom Groups 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress plugin Featured Posts with Multiple Custom Groups 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress...
WordPress Featured Posts with Multiple Custom Groups (FPMCG) plugin <= 4.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Featured Posts with Multiple Custom Groups FPMCG versions = 4.0...
WordPress Featured Posts with Multiple Custom Groups (FPMCG) plugin <= 4.0 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Featured Posts with Multiple Custom Groups FPMCG versions = 4.0...