Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2014-9212

Malware in sbrugna...

6.8CVSS6.4AI score0.00125EPSS
Exploits2References3
CNVD
CNVDadded 2015/01/08 12:0 a.m.5 views

WordPress plugin gSlideShow has multiple cross-site request forgery vulnerabilities

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL. gSlideShow plugin is a plugin for photo album management. The WordPress plugin gSlideShow suffers from multiple...

6.8CVSS7AI score0.00125EPSS
Exploits2References1
NVD
NVDadded 2014/12/31 9:59 p.m.14 views

CVE-2014-9391

Multiple cross-site request forgery CSRF vulnerabilities in the gSlideShow plugin 0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 rss, 2 displaytime or 3 transistiontime...

6.8CVSS6.6AI score0.00125EPSS
Exploits2References1
Prion
Prionadded 2014/12/31 9:59 p.m.17 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the gSlideShow plugin 0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 rss, 2 displaytime or 3 transistiontime...

6.8CVSS7AI score0.00125EPSS
Exploits2References1Affected Software1
CVE
CVEadded 2014/12/31 9:0 p.m.38 views

CVE-2014-9391

CVE-2014-9391 affects the WordPress gSlideShow plugin (version 0.1 and earlier). The vulnerability is a multi-parameter CSRF (and associated XSS in documentation) in gslideshow.php that allows remote attackers to hijack administrator authentication for requests to wp-admin/options-general.php via...

6.8CVSS6.8AI score0.00125EPSS
Exploits2References1Affected Software1
Cvelist
Cvelistadded 2014/12/31 9:0 p.m.17 views

CVE-2014-9391

Multiple cross-site request forgery CSRF vulnerabilities in the gSlideShow plugin 0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 rss, 2 displaytime or 3 transistiontime...

6.6AI score0.00125EPSS
Exploits2References1
Packet Storm
Packet Stormadded 2014/12/18 12:0 a.m.42 views

WordPress gSlideShow 0.1 CSRF / XSS

Title: CSRF / Stored XSS Vulnerability in gSlideShow Wordpress Plugin Author: Manideep K CVE-ID: CVE 2014-9391 Plugin Homepage: https://wordpress.org/plugins/gslideshow/ Version Affected: 0.1 probably lower versions Severity: High Description: Vulnerable Parameter: 1 id:rssid , name:rss 2...

6.8CVSS0.2AI score0.00125EPSS
Exploits2
WPVulnDB
WPVulnDBadded 2014/12/18 12:0 a.m.17 views

Gslideshow <= 0.1 - Multiple CSRF

Plugin is still affected and has been closed...

6.8CVSS2.6AI score0.00125EPSS
Exploits2References1Affected Software1
Patchstack
Patchstackadded 2014/12/17 12:0 a.m.19 views

WordPress gSlideshow Plugin 0.1 - CSRF and XSS

Because of these cross site request forgery vulnerabilities, the attackers can hijack the authentication of administrators for requests. In that way they can change plugin settings via unspecified vectors or conduct cross-site scripting attacks. Solution This plugin is closed...

6.8CVSS4.8AI score0.00125EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder