27 matches found
EUVD-2022-49954
Malicious code in bioql PyPI...
CVE-2022-47179
Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft...
CVE-2022-47179
Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft...
CVE-2022-47179 WordPress OWM Weather Plugin <= 5.6.11 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft...
CVE-2022-47179
CVE-2022-47179 is a CSRF vulnerability in the WordPress OWM Weather Plugin (versions
CVE-2022-47179 WordPress OWM Weather Plugin <= 5.6.11 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft...
PT-2023-15221 · Uwe Jacobs · Owm Weather Plugin
Name of the Vulnerable Software and Affected Versions: Uwe Jacobs OWM Weather plugin versions 5.6.11 and earlier. Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability, which can lead to post duplication as a draft. Recommendations: For versions 5.6.11 and earlier,...
WordPress OWM Weather Plugin <= 5.6.11 is vulnerable to Cross Site Request Forgery (CSRF)
Software: OWM Weather; Type: Plugin; Vulnerable versions: <= 5.6.11; Fixed in: 5.6.12; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2022-47179; Patch priority: Low; CVSS severity: Low (4.3); PSID: d309db39a0b0; Credits: Cat; Required privileg...
OWM Weather < 5.6.12 - Post Duplication via CSRF
The plugin does not have a CSRF check when duplicating posts (which are duplicated as drafts), which could allow attackers to make a logged-in admin perform such an action via a CSRF attack and fill up the post table...
WordPress OWM Weather plugin SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
CVE-2022-3769
The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor...
CVE-2022-3769
The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor...
Sql injection
The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor...
CVE-2022-3769 OWM Weather < 5.6.9 - Contributor+ SQLi
The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor...
CVE-2022-3769 OWM Weather < 5.6.9 - Contributor+ SQLi
The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor...
CVE-2022-3769
The CVE-2022-3769 entry concerns the WordPress OWM Weather plugin, versions prior to 5.6.9. The vulnerability is a SQL injection caused by improper sanitisation/escaping of a parameter before its use in a SQL statement, allowing exploitation by a user with as little as the Contributor role. The C...
PT-2022-24040 · WordPress · Owm Weather
Name of the Vulnerable Software and Affected Versions: OWM Weather WordPress plugin versions prior to 5.6.9. Description: The issue arises from the plugin's failure to properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection. This can be exploited by...
WordPress OWM Weather plugin <= 5.6.8 - Auth. SQL Injection (SQLi) vulnerability
Auth. SQL Injection (SQLi) vulnerability discovered by Kunal Sharma (University of Kaiserslautern) and Daniel Krohmer (Fraunhofer IESE) in the WordPress OWM Weather plugin (versions <= 5.6.8). Solution: Update the WordPress OWM Weather plugin to the latest available version (at least 5.6.9)...
OWM Weather < 5.6.9 - Contributor+ SQLi
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor. PoC: Log on as contributor and open the below URL, which will result in a delayed response. If the "could not find origin...