Unspecified vulnerability in Discourse (CNVD-2026-17481)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability due to an overly broad authorization check on the deleted post index endpoint, which can ...

Discourse 安全漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability due to an overly broad authorization check on the deleted post index endpoint, which can ...

EUVD-2021-21287

Malware in sbrugna...

CVE-2021-34637

The Post Index WordPress plugin is vulnerable to Cross-Site Request Forgery via the OptionsPage function found in the /php/settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.5...

CVE-2021-34637 Post Index <= 0.7.5 Cross-Site Request Forgery to Stored Cross-Site Scripting

The Post Index WordPress plugin is vulnerable to Cross-Site Request Forgery via the OptionsPage function found in the /php/settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.5...

CVE-2021-34637

The CVE-2021-34637 item applies to the WordPress Post Index plugin, affected through CSRF via the OptionsPage in php/settings.php, with vulnerable versions up to 0.7.5. Public references describe an attacker who can inject arbitrary web scripts, resulting in stored XSS, via a CSRF flaw. Connected...

Post Index <= 0.7.5 - CSRF to Stored XSS

The Post Index WordPress plugin is vulnerable to Cross-Site Request Forgery via the OptionsPage function found in the /php/settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.5. CSRF PoC alert1;" / iframe src="x" width="1" height="1"...

WordPress Post Index plugin <= 0.7.5 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Kentaro Kuroki Cryptography Laboratory - Tokyo Denki University in WordPress Post Index plugin versions = 0.7.5. Solution This plugin has been closed as of July 20, 2021 and is not available for...