10 matches found
EUVD-2023-27788
Malicious code in bioql PyPI...
CVE-2023-23702
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pixelgrade Comments Ratings plugin = 1.1.7 versions...
CVE-2023-23704
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Comments Ratings plugin = 1.1.6 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pixelgrade Comments Ratings plugin = 1.1.7 versions...
CVE-2023-23702
CVE-2023-23702 is a stored XSS vulnerability in the Pixelgrade Comments Ratings WordPress plugin (versions ≤ 1.1.7) exploitable by users with admin+ privileges. The issue permits injection of malicious scripts via the plugin’s input surface and is rated medium by CVSS (base 4.8–4.9 in sources). P...
CVE-2023-45654
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Comments Ratings plugin = 1.1.7 versions...
CVE-2023-45654
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Comments Ratings plugin = 1.1.7 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Comments Ratings plugin = 1.1.7 versions...
CVE-2023-23704
CVE-2023-23704 is a CSRF vulnerability in the WordPress plugin Pixelgrade Comments Ratings affecting versions up to 1.1.6 . The vulnerability is described across sources as Cross-Site Request Forgery with unauthenticated access, enabling CSRF actions on sites using the plugin. Affected product: P...
PT-2023-19143 · Pixelgrade · Pixelgrade Comments Ratings Plugin
Name of the Vulnerable Software and Affected Versions: Pixelgrade Comments Ratings plugin versions 1.1.6 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actio...