WordPress Himer theme < 2.1.1 - Arbitrary Group Joining via CSRF vulnerability

Arbitrary Group Joining via CSRF vulnerability discovered by Sushmita Poudel in WordPress Theme Himer versions 2.1.1...

WordPress Himer theme < 2.1.1 - Subscriber+ Private Group Joining via IDOR vulnerability

Subscriber+ Private Group Joining via IDOR vulnerability discovered by Sushmita Poudel in WordPress Theme Himer versions 2.1.1...

WordPress Himer theme < 2.1.3 - CSRF While Sending the Invites

CSRF While Sending the Invites vulnerability discovered by Sushmita Poudel in WordPress Theme Himer versions 2.1.3...

WordPress Himer theme < 2.1.1 - Bypass Poll Voting Restrictions via CSRF vulnerability

Bypass Poll Voting Restrictions via CSRF vulnerability discovered by Sushmita Poudel in WordPress Theme Himer versions 2.1.1...

CVE-2024-2234

The Himer WordPress theme before 2.1.1 does not sanitise and escape some of its Post settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks...

CVE-2024-2040

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users join private groups via a CSRF attack...

CVE-2024-2233

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. These include declining and accepting group invitations or leaving a group...

EUVD-2022-42730

Malicious code in bioql PyPI...

CVE-2024-2235

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users vote on any polls, including those they don't have access to via a CSRF attack...

CVE-2024-2232 Himer - Social Questions and Answers < 2.1.3 - CSRF While Sending the Invites

The lacks CSRF checks allowing a user to invite any user to any group including private groups...

CVE-2024-2232 Himer - Social Questions and Answers < 2.1.3 - CSRF While Sending the Invites

The lacks CSRF checks allowing a user to invite any user to any group including private groups...

WordPress plugin Himer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in...

WordPress Himer theme < 2.1.1 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Theme Himer versions 2.1.1...

WordPress Himer theme < 2.1.1 - Multiple CSRF vulnerability

Multiple CSRF vulnerability discovered by Sushmita Poudel in WordPress Theme Himer versions 2.1.1...

CVE-2024-2235

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users vote on any polls, including those they don't have access to via a CSRF attack...

CVE-2024-2235

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users vote on any polls, including those they don't have access to via a CSRF attack...

CVE-2024-2233

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. These include declining and accepting group invitations or leaving a group...

CVE-2024-2234

The Himer WordPress theme before 2.1.1 does not sanitise and escape some of its Post settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks...

CVE-2024-2040

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users join private groups via a CSRF attack...

CVE-2024-2040

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users join private groups via a CSRF attack...