57 matches found
CVE-2016-10982
The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvcsettings CSRF...
CVE-2016-10981
The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kentopvcnumberslang, kentopvctodaytext, or kentopvctotaltext...
EUVD-2016-1972
Malware in sbrugna...
EUVD-2016-1973
Malware in sbrugna...
EUVD-2016-10784
Malware in sbrugna...
EUVD-2016-1971
Malware in sbrugna...
EUVD-2023-49318
Malicious code in bioql PyPI...
CVE-2021-24605
The createpostpage AJAX action of the Custom Post View Generator WordPress plugin through 0.4.6 available to authenticated user does not sanitise or escape user input before outputting it back in the response, leading to a Reflected Cross-Site issue...
CVE-2016-10980
The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kentopvcgeo...
CVE-2016-15040
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kentopvcgeo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
WordPress Kento Post View Counter plugin <= 2.8 - SQL Injection vulnerability
SQL Injection vulnerability discovered by WordFence in WordPress Plugin Kento Post View Counter versions = 2.8...
CVE-2016-15040
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kentopvcgeo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
CVE-2016-15040
The CVE-2016-15040 entry concerns the WordPress plugin Kento Post View Counter . Versions up to and including 2.8 are vulnerable to SQL Injection via the kento_pvc_geo parameter, caused by insufficient escaping of user input and inadequate preparation of the SQL query. The impact described is tha...
CVE-2016-15040 Kento Post View Counter <= 2.8 - SQL Injection
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kentopvcgeo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
PT-2024-10573
Name of the Vulnerable Software and Affected Versions Kento Post View Counter plugin for WordPress versions up to, and including, 2.8 Description The issue allows unauthenticated attackers to perform SQL Injection via the kento pvc geo parameter due to insufficient escaping on the user-supplied...
WordPress Kento Post View Counter Plugin <= 2.8 is vulnerable to SQL Injection
Software Kento Post View Counter Type Plugin Vulnerable versions = 2.8 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2016-15040 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID ec30554661e3 Credits WordFence Required privilege Unauthenticate...
VulnCheck KEV: CVE-2016-15040
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kentopvcgeo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2023-44996
Cross-Site Request Forgery CSRF vulnerability in Naresh Parmar Post View Count plugin = 1.8.2 versions...
CVE-2023-44996
Cross-Site Request Forgery CSRF vulnerability in Naresh Parmar Post View Count plugin = 1.8.2 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Naresh Parmar Post View Count plugin = 1.8.2 versions...