18 matches found
EUVD-2017-11378
Malware in sbrugna...
EUVD-2024-52051
Malicious code in bioql PyPI...
CVE-2024-53718
Cross-Site Request Forgery CSRF vulnerability in Eric Teubert Multi Feed Reader multi-feed-reader allows Stored XSS.This issue affects Multi Feed Reader: from n/a through = 2.2.4...
CVE-2024-53718
Cross-Site Request Forgery CSRF vulnerability in Eric Teubert Multi Feed Reader multi-feed-reader allows Stored XSS.This issue affects Multi Feed Reader: from n/a through = 2.2.4...
CVE-2024-53718 WordPress Multi Feed Reader plugin <= 2.2.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Eric Teubert Multi Feed Reader multi-feed-reader allows Stored XSS.This issue affects Multi Feed Reader: from n/a through = 2.2.4...
CVE-2024-53718 WordPress Multi Feed Reader plugin <= 2.2.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Eric Teubert Multi Feed Reader allows Stored XSS.This issue affects Multi Feed Reader: from n/a through 2.2.4...
CVE-2024-53718
CVE-2024-53718 is a CSRF to Stored XSS vulnerability affecting the WordPress Multi Feed Reader plugin (versions
PT-2024-35825 · Unknown · Multi Feed Reader
Name of the Vulnerable Software and Affected Versions: Multi Feed Reader versions prior to 2.2.4 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...
WordPress plugin Multi Feed Reader 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
WordPress Multi Feed Reader plugin <= 2.2.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CSRF to Stored Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Multi Feed Reader versions = 2.2.4...
WordPress Multi Feed Reader Plugin <=2.2.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Multi Feed Reader Type Plugin Vulnerable versions =2.2.4 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53718 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID d3cb59a47389 Credits Joshua Chan Required...
CVE-2017-2195
SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2017-2195
SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2017-2195
SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2017-2195
The CVE-2017-2195 entry corresponds to a SQL injection vulnerability in the WordPress plugin “Multi Feed Reader”, affecting versions prior to 2.2.4. The root cause is an SQLi flaw in the plugin’s handling of database queries, enabling an authenticated attacker to execute arbitrary SQL commands vi...
WordPress Multi Feed Reader Plugin SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on PHP and MySQL servers.Multi Feed Reader is one of the components used to create RSS feed templates. A SQL injection vulnerability exists in Mult...
JVN#98617234: WordPress plugin "Multi Feed Reader" vulnerable to SQL injection
The WordPress plugin "Multi Feed Reader" contains an SQL injection vulnerability CWE-89. Impact An attacker who can access the product may execute an arbitrary SQL command. Information stored in the database may be obtained or altered by an attacker. Solution Update the plugin Update the plugin...