7 matches found
CVE-2022-2311
The Find and Replace All WordPress plugin before 1.3 does not sanitize and escape some parameters from its setting page before outputting them back to the user, leading to a Reflected Cross-Site Scripting issue...
Cross-Site Request Forgery (CSRF)
The Find and Replace All WordPress plugin before 1.3 does not have a CSRF check when replacing strings, which could allow attackers to make a logged-in admin replace arbitrary strings in database tables via a CSRF attack...
CVE-2022-2311 Find and Replace All < 1.3 - Reflected Cross Site Scripting
The Find and Replace All WordPress plugin before 1.3 does not sanitize and escape some parameters from its setting page before outputting them back to the user, leading to a Reflected Cross-Site Scripting issue...
CVE-2022-2311 Find and Replace All < 1.3 - Reflected Cross Site Scripting
The Find and Replace All WordPress plugin before 1.3 does not sanitize and escape some parameters from its setting page before outputting them back to the user, leading to a Reflected Cross-Site Scripting issue...
PT-2022-15852 · WordPress · Find/Replace All
Name of the Vulnerable Software and Affected Versions: Find and Replace All WordPress plugin versions prior to 1.3
Description: The issue arises from the plugin not sanitizing and escaping some parameters from its setting page before outputting them back to the user, leading to a Reflected...
WordPress Find and Replace All plugin <= 1.3 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Replacement discovered by Vinay Varma Mudunuri, Krishna Harsha Kondaveeti in WordPress Find and Replace All plugin versions <= 1.3. Solution: No patched version available...
WordPress Find and Replace All plugin <= 1.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by Vinay Varma Mudunuri and Krishna Harsha Kondaveeti in WordPress Find and Replace All plugin versions <= 1.2. Solution: Update the WordPress Find and Replace All plugin to the latest available version (at least 1.3)...