10 matches found
CVE-2022-29411
SQL Injection SQLi vulnerability in Mufeng's Hermit 音乐播放器 plugin = 3.1.6 on WordPress allows attackers to execute SQLi attack via &id...
CVE-2022-29413
Cross-Site Request Forgery CSRF leading to Stored Cross-Site Scripting XSS in Mufeng's Hermit 音乐播放器 plugin = 3.1.6 on WordPress via &title parameter...
CVE-2022-29410
Authenticated SQL Injection SQLi vulnerability in Mufeng's Hermit 音乐播放器 plugin = 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via &ids...
Sql injection
SQL Injection SQLi vulnerability in Mufeng's Hermit ????? plugin = 3.1.6 on WordPress allows attackers to execute SQLi attack via &id...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF leading to Stored Cross-Site Scripting XSS in Mufeng's Hermit ????? plugin = 3.1.6 on WordPress via &title parameter...
Sql injection
Authenticated SQL Injection SQLi vulnerability in Mufeng's Hermit ????? plugin = 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via &ids...
CVE-2022-29411
CVE-2022-29411 affects WordPress Hermit plugin versions ≤ 3.1.6. The vulnerability is an unauthenticated SQL Injection via the id parameter (unsanitized/uncalled parameter handling), enabling attackers to inject SQL statements. Impact per sources includes potential disclosure/modify data and poss...
CVE-2022-29413
The CVE-2022-29413 entry concerns Mufeng’s Hermit WordPress plugin (versions
CVE-2022-29413 WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF leading to Stored Cross-Site Scripting XSS in Mufeng's Hermit 音乐播放器 plugin = 3.1.6 on WordPress via &title parameter...
CVE-2022-29410
CVE-2022-29410 corresponds to a SQL injection in WordPress plugin Hermit (Hermit 音乐播放器)