CVE-2024-1213

The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.4. This is due to missing or incorrect nonce validation on the esfinstasaveaccesstoken and efblsavefacebookaccesstoken...

CVE-2023-45376

In the module "Carousels Pack - Instagram, Products, Brands, Supplier" hicarouselspack for PrestaShop up to version 1.5.0 from HiPresta for PrestaShop, a guest can perform SQL injection via HiCpProductGetter::getViewedProduct...