5 matches found
CVE-2024-13850 Simple add pages or posts <= 2.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Simple add pages or posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject...
CVE-2024-12288
The CVE-2024-12288 entry concerns the WordPress plugin Simple add pages or posts. Connected Red Hat advisory RH:CVE-2024-12288 confirms a Cross-Site Request Forgery vulnerability in this plugin, arising from missing nonce validation, enabling unauthenticated attackers to update settings and injec...
WordPress Simple add pages or posts plugin <= 2.0.0 - Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Simple Add Pages or Posts versions = 2.0.0...
WordPress Plugin Simple Add Pages or Posts 1.6 - Cross-Site Request Forgery
WordPress Plugin Simple Add Pages or Posts 1.6 - Cross-Site Request Forgery Exploit Title: Wordpress simple add pages or posts CSRF Vulnerability Date: 2016/29/01 Exploit Author: ALIREZAPROMIS Vendor Homepage: https://wordpress.org/plugins/simple-add-pages-or-posts/ Software Link:...
WordPress Plugin Simple Add Pages or Posts 1.6 - Cross-Site Request Forgery
Exploit Title: Wordpress simple add pages or posts CSRF Vulnerability Date: 2016/29/01 Exploit Author: ALIREZAPROMIS Vendor Homepage: https://wordpress.org/plugins/simple-add-pages-or-posts/ Software Link: https://downloads.wordpress.org/plugin/simple-add-pages-or-posts.1.6.zip Version: 1.6 Teste...