Lucene search
+L

44 matches found

Positive Technologies
Positive Technologies
added 2023/09/25 12:0 a.m.16 views

PT-2023-29459 · WordPress · Import Xml/Rss Feeds

Name of the Vulnerable Software and Affected Versions: Import XML and RSS Feeds WordPress plugin versions prior to 2.1.5 Description: The issue allows unauthenticated attackers to perform remote code execution RCE due to a web shell in the plugin. This web shell was introduced as a result of a...

9.8CVSS9.9AI score0.39294EPSS
Exploits2References4
CNNVD
CNNVD
added 2023/09/25 12:0 a.m.10 views

WordPress plugin Import XML and RSS Feeds Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in th...

9.8CVSS8.4AI score0.39294EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/09/25 12:0 a.m.7 views

WordPress plugin Import XML and RSS Feeds Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in th...

7.2CVSS8.3AI score0.01698EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/09/25 12:0 a.m.9 views

PT-2023-28663 · WordPress · Import Xml/Rss Feeds

Name of the Vulnerable Software and Affected Versions: Import XML and RSS Feeds WordPress plugin versions prior to 2.1.4 Description: The issue allows an attacker to upload a malicious PHP file due to a lack of file extension filtering for uploaded files, leading to Remote Code Execution...

7.2CVSS7.8AI score0.01698EPSS
Exploits2References4
NVD
NVD
added 2022/10/25 5:15 p.m.16 views

CVE-2022-35262

A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...

7.5CVSS0.0087EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.7 views

CVE-2022-35262

A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...

7.5CVSS5.8AI score0.0087EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/10/25 4:34 p.m.21 views

CVE-2022-35262

A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...

4.9CVSS7.5AI score0.0087EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.9 views

PT-2022-22666 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. It can be triggered by a specially-crafted network request, allowing an attacker to send a sequence of...

7.5CVSS5.3AI score0.0087EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/09/21 12:0 a.m.9 views

PT-2022-23345 · WordPress · Soflyy Import Any Xml/Csv File To Wordpress

Name of the Vulnerable Software and Affected Versions: Soflyy Import any XML or CSV File to WordPress plugin versions = 3.6.7 Description: The issue is related to an Authenticated Arbitrary Code Execution vulnerability. This allows for the execution of arbitrary code by an authenticated user...

9.1CVSS7.2AI score0.0108EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/07/04 12:0 a.m.5 views

PT-2022-15625 · WordPress · Import Any Xml/Csv File To Wordpress

Name of the Vulnerable Software and Affected Versions: Import any XML or CSV File to WordPress plugin versions prior to 3.6.8 Description: The issue allows high privilege users, such as admins, to upload arbitrary files, including PHP files, by accepting all zip files and automatically extracting...

7.2CVSS7.5AI score0.01374EPSS
Exploits2References5
GithubExploit
GithubExploit
added 2021/07/12 2:1 a.m.105 views

Exploit for Server-Side Request Forgery in Mooveagency Import_Xml_And_Rss_Feeds

CVE-2020-24148 Server-side request forgery SSRF in the Impo...

9.1CVSS9.1AI score0.14745EPSS
Exploits1
CNVD
CNVD
added 2021/07/09 12:0 a.m.17 views

WordPress server-side request forgery vulnerability (CNVD-2021-59066)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. import-xml-feed of WordPress is vulnerable to server-side request forgery. No detailed vulnerability...

9.1CVSS2.2AI score0.14745EPSS
Exploits1References1
NVD
NVD
added 2021/07/07 2:15 p.m.28 views

CVE-2020-24148

Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...

9.1CVSS0.14745EPSS
Exploits1References2
OSV
OSV
added 2021/07/07 2:15 p.m.8 views

CVE-2020-24148

Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...

9.1CVSS5.8AI score0.14745EPSS
Exploits1References2
Prion
Prion
added 2021/07/07 2:15 p.m.20 views

Server side request forgery (ssrf)

Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...

6.4CVSS9.2AI score0.14745EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/07/07 1:39 p.m.90 views

CVE-2020-24148

The CVE-2020-24148 entry is concrete: WordPress Import XML and RSS Feeds (import-xml-feed) plugin is affected up to version 2.0.1. The flaw is a server-side request forgery (SSRF) via the data parameter in the moove_read_xml action, implemented when the plugin fetches a URL using data as input (v...

9.1CVSS9.2AI score0.14745EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/07/07 1:39 p.m.29 views

CVE-2020-24148

Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...

9.4AI score0.14745EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/07 12:0 a.m.8 views

WordPress 代码问题漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. import-xml-feed of WordPress is vulnerable to server-side request forgery. No detailed vulnerability...

9.1CVSS5.6AI score0.14745EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/01/01 1:25 a.m.34 views

CVE-2020-35938

PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be...

7.5CVSS8.8AI score0.02082EPSS
Exploits1References1
Patchstack
Patchstack
added 2020/09/22 12:0 a.m.29 views

WordPress Import XML and RSS Feeds plugin <= 2.0.1 - Server-Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability discovered by Suzhou Aurora Infinity Information Technology Co., Ltd. in WordPress Import XML and RSS Feeds plugin versions = 2.0.1. Solution Update the WordPress Import XML and RSS Feeds plugin to the latest available version at least 2.0.2...

9.1CVSS2.4AI score0.14745EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder