730 matches found
CVE-2023-22694
Cross-Site Request Forgery CSRF vulnerability in Arian Khosravi, Norik Davtian BigContact Contact Page plugin = 1.5.8 versions...
CVE-2023-25974
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in psicosi448 wp2syslog plugin = 1.0.5 versions...
WordPress Plugin WP Directory Kit 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
CVE-2023-34026
Unauth. Reflected Cross-Site Scripting XSS vulnerability in BrokenCrust This Day In History plugin = 3.10.1 versions...
CVE-2019-25144
The WP HTML Mail plugin for WordPress is vulnerable to HTML injection in versions up to, and including, 2.2.10 due to insufficient input sanitization. This makes it possible for unauthenticated attackers to inject arbitrary HTML in pages that execute if they can successfully trick a administrator...
WordPress plugin Video Playlist and Gallery 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Video Playlist and...
WordPress plugin Newsletter Popup 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
CVE-2023-33311
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in CRM Perks Contact Form Entries plugin = 1.3.0 versions...
CVE-2023-25470
Cross-Site Request Forgery CSRF vulnerability in Anton Skorobogatov Rus-To-Lat plugin = 0.3 versions...
CVE-2023-25971
Cross-Site Request Forgery CSRF vulnerability in FixBD Educare plugin = 1.4.1 versions...
CVE-2022-47144
Cross-Site Request Forgery CSRF vulnerability in Plugincraft Mediamatic – Media Library Folders plugin = 2.8.1 versions...
CVE-2022-47180
Cross-Site Request Forgery CSRF vulnerability in Kopa Theme Kopa Framework plugin = 1.3.5 versions...
WordPress plugin User Meta Manager 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2023-25698
Cross-Site Request Forgery CSRF vulnerability in Studio Wombat Shoppable Images plugin = 1.2.3 versions...
PT-2023-22974 · Unknown · Theguidex User Ip/Location
Name of the Vulnerable Software and Affected Versions: TheGuideX User IP and Location plugin versions = 2.2 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability requires authentication and affects users with contributor or higher permissions...
CVE-2023-23709
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Denis WPJAM Basic plugin = 6.2.1 versions...
PT-2023-24126 · Jenkins · Jenkins Saml Single Sign On(Sso) Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins SAML Single Sign OnSSO Plugin versions 2.0.0 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to send an HTTP POST request with a JSON body containing attacker-specified content to miniOrange's...
CVE-2023-22690
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Shopfiles Ltd Ebook Store plugin = 5.775 versions...
CVE-2022-45846 WordPress Image Map Pro Plugin < 5.6.9 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin 5.6.9 versions...
PT-2023-19101 · WordPress · Team With Slider
Name of the Vulnerable Software and Affected Versions: Sk. Abul Hasan Team Member – Team with Slider plugin versions = 4.4 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website...