11 matches found
Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass
Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code via the sgcgoogleanalytic parameter that runs on all pages served by WordPress. The saveGoogleCode function in smartgooglecode.php does not check if the...
VulnCheck KEV: CVE-2018-3810
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code via the sgcgoogleanalytic parameter that runs on all pages served by WordPress. The saveGoogleCode function...
Oturia Smart Google Code Inserter Plugin for WordPress < 3.5 Multiple Vulnerabilities
The WordPress Oturia Smart Google Code Inserter Plugin installed on the remote host is affected by multiple vulnerabilities :\n\n - An Authentication Bypass which allows unauthenticated attackers to insert arbitrary JavaScript or HTML code via the sgcgoogleanalytic parameter.\n - An SQL Injection...
WordPress Oturia Smart Google Code Inserter plugin authentication bypass vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Oturia Smart Google Code Inserter plugin is used in one of the meta-tagging validation to add plug-ins. An...
WordPress Oturia Smart Google Code Inserter Plugin SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Oturia Smart Google Code Inserter plugin is used in one of the meta-tagging validation to add plug-ins. A SQL...
Sql injection
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...
CVE-2018-3811
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...
CVE-2018-3811
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...
CVE-2018-3810
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code via the sgcgoogleanalytic parameter that runs on all pages served by WordPress. The saveGoogleCode function in...
CVE-2018-3811
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...
CVE-2018-3810
CVE-2018-3810 covers the Oturia WordPress Smart Google Code Inserter plugin before 3.5. An authentication bypass allows unauthenticated users to update the sgcgoogleanalytic parameter, causing arbitrary JavaScript/HTML to run on all WordPress pages via saveGoogleCode() which does not verify autho...