Lucene search
K

61 matches found

Prion
Prion
added 2023/10/03 12:15 p.m.20 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in 99robots Header Footer Code Manager plugin = 1.1.34 versions...

6.8CVSS8.8AI score0.00221EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/03 11:17 a.m.47 views

CVE-2023-39989

CVE-2023-39989 affects the WordPress plugin Header Footer Code Manager (versions ≤ 1.1.34). The issue is a Cross-Site Request Forgery (CSRF) vulnerability, allowing unauthenticated exploitation of authorized actions. Patchstack lists a fix in 1.1.35 and notes the vulnerability has a low severity ...

8.8CVSS7.2AI score0.00221EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/08/09 12:0 a.m.20 views

WordPress Header Footer Code Manager Plugin <= 1.1.34 is vulnerable to Cross Site Request Forgery (CSRF)

Software Header Footer Code Manager Type Plugin Vulnerable versions = 1.1.34 Fixed in 1.1.35 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-39989 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5536fb0cce4a Credits Rafie...

8.8CVSS6.8AI score0.00221EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2022/07/26 12:0 a.m.11 views

WordPress Header Footer Code Manager Plugin < 1.1.24 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

6.1CVSS6.4AI score0.01072EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/07/25 1:15 p.m.5 views

CVE-2022-0899

The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.3AI score0.01072EPSS
Exploits2References3
OSV
OSV
added 2022/07/25 1:15 p.m.3 views

CVE-2022-0899

The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.4AI score
Exploits0References1
Cvelist
Cvelist
added 2022/07/25 12:45 p.m.24 views

CVE-2022-0899 Header Footer Code Manager < 1.1.24 - Reflected Cross-Site Scripting

The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting...

6.5AI score0.01072EPSS
Exploits2References1
CVE
CVE
added 2022/07/25 12:45 p.m.86 views

CVE-2022-0899

CVE-2022-0899 affects the WordPress plugin Header Footer Code Manager prior to version 1.1.24. The vulnerability arises because generated URLs are not escaped before being output in admin page attributes, enabling Reflected Cross-Site Scripting. Exploitation context: authenticated attackers can i...

6.1CVSS6.2AI score0.01072EPSS
Exploits2References1Affected Software1
OpenVAS
OpenVAS
added 2022/03/08 12:0 a.m.17 views

WordPress Header Footer Code Manager Plugin < 1.1.17 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

6.1CVSS6.4AI score0.02379EPSS
Exploits2References1
OSV
OSV
added 2022/02/24 7:15 p.m.2 views

CVE-2022-0710

The Header Footer Code Manager plugin = 1.1.16 for WordPress is vulnerable to Reflected Cross-Site Scripting XSS via the $REQUEST'page' parameter...

6.1CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2022/02/24 6:27 p.m.102 views

CVE-2022-0710

The CVE-2022-0710 entry concerns the WordPress plugin Header Footer Code Manager (versions ≤ 1.1.16). The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw exploitable via the $_REQUEST['page'] parameter. Multiple sources confirm the affected plugin and the XSS impact; OpenVAS and Tena...

6.1CVSS6AI score0.02379EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/24 6:27 p.m.15 views

CVE-2022-0710 Header Footer Code Manager <= 1.1.16 Reflected XSS

The Header Footer Code Manager plugin = 1.1.16 for WordPress is vulnerable to Reflected Cross-Site Scripting XSS via the $REQUEST'page' parameter...

6.1CVSS6.1AI score0.02379EPSS
Exploits2References1
CNVD
CNVD
added 2022/02/24 12:0 a.m.17 views

WordPress Header Footer Code Manager plugin跨站脚本漏洞

WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Header Footer Code Manager plugin 1.1.16 and previous versions have a cross-site scripting vulnerability that can...

6.1CVSS2.1AI score0.02379EPSS
Exploits2References1
Wordfence Blog
Wordfence Blog
added 2022/02/22 2:1 p.m.47 views

Reflected XSS in Header Footer Code Manager

On February 15, 2022, the Wordfence Threat Intelligence team responsibly disclosed a reflected Cross-Site Scripting XSS vulnerability in Header Footer Code Manager, a WordPress plugin with over 300,000 installations. The plugin publisher quickly acknowledged our initial contact and we sent the fu...

4.3CVSS6.1AI score0.02379EPSS
Exploits2
Packet Storm
Packet Storm
added 2022/02/22 12:0 a.m.274 views

WordPress 99robots Header Footer Code Manager 1.1.16 Cross Site Scripting

On February 15, 2022, the Wordfence Threat Intelligence team responsibly disclosed a reflected Cross-Site Scripting XSS vulnerability in Header Footer Code Manager, a WordPress plugin with over 300,000 installations. The plugin publisher quickly acknowledged our initial contact and we sent the fu...

0.2AI score0.02379EPSS
Exploits2
0day.today
0day.today
added 2022/02/22 12:0 a.m.262 views

WordPress 99robots Header Footer Code Manager 1.1.16 Cross Site Scripting Vulnerability

The Wordfence Threat Intelligence team responsibly disclosed a reflected Cross-Site Scripting XSS vulnerability in Header Footer Code Manager, a WordPress plugin with over 300,000 installations. The plugin publisher quickly acknowledged our initial contact and we sent the full disclosure details...

6.1CVSS0.1AI score0.02379EPSS
Exploits2
Patchstack
Patchstack
added 2022/02/18 12:0 a.m.34 views

WordPress Header Footer Code Manager plugin <= 1.1.16 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Ramuel Gall in WordPress Header Footer Code Manager plugin versions = 1.1.16. Solution Update the WordPress Header Footer Code Manager plugin to the latest available version at least 1.1.17...

6.1CVSS1.8AI score0.02379EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2021/11/08 6:15 p.m.2 views

CVE-2021-24791

The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections...

7.2CVSS5.8AI score0.05124EPSS
Exploits2References1
Cvelist
Cvelist
added 2021/11/08 5:35 p.m.28 views

CVE-2021-24791 Header Footer Code Manager < 1.1.14 - Admin+ SQL Injections

The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections...

7.3AI score0.05124EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2021/10/11 12:0 a.m.21 views

Header Footer Code Manager < 1.1.14 - Admin+ SQL Injections

The plugin does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections PoC...

7.2CVSS1.3AI score0.05124EPSS
Exploits2Affected Software1
Rows per page
Query Builder