22 matches found
CVE-2017-12948
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATHINFO to wp-admin/admin.php, related to PHPSELF...
EUVD-2017-4472
Malware in sbrugna...
EUVD-2025-24734
Malicious code in bioql PyPI...
CVE-2025-28987
Server-Side Request Forgery SSRF vulnerability in PressForward PressForward pressforward allows Server Side Request Forgery.This issue affects PressForward: from n/a through = 5.9.5...
CVE-2025-28987
Server-Side Request Forgery SSRF vulnerability in PressForward PressForward pressforward allows Server Side Request Forgery.This issue affects PressForward: from n/a through = 5.9.5...
CVE-2025-28987
CVE-2025-28987 affects the WordPress plugin PressForward (versions up to 5.9.1 as stated in multiple sources). The vulnerability is a Server-Side Request Forgery (SSRF) issue with a CVSS v3.1 base score of 6.4 (Medium); impact is limited to confidentiality/integrity and no impact on availability ...
CVE-2025-28987 WordPress PressForward <= 5.9.4 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in PressForward PressForward pressforward allows Server Side Request Forgery.This issue affects PressForward: from n/a through = 5.9.5...
CVE-2025-28987 WordPress PressForward <= 5.9.1 - Server Side Request Forgery (SSRF) Vulnerability
Server-Side Request Forgery SSRF vulnerability in PressForward PressForward allows Server Side Request Forgery. This issue affects PressForward: from n/a through 5.9.1...
PT-2025-33156 · Unknown · Pressforward
Name of the Vulnerable Software and Affected Versions: PressForward versions n/a through 5.9.1 Description: A Server-Side Request Forgery SSRF vulnerability exists in PressForward. This issue allows attackers to perform Server Side Request Forgery. Recommendations: Update PressForward to a versio...
WordPress plugin PressForward 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
WordPress PressForward plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.PressForward plugin is one of the workflow editing plugin. A cross-site scripting vulnerability exists in the...
CVE-2017-12948
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATHINFO to wp-admin/admin.php, related to PHPSELF...
CVE-2017-12948
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATHINFO to wp-admin/admin.php, related to PHPSELF...
Design/Logic Flaw
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATHINFO to wp-admin/admin.php, related to PHPSELF...
CVE-2017-12948
Core\Admin\PFTemplater.php in the PressForward plugin 4.3.0 and earlier for WordPress has XSS in the PATHINFO to wp-admin/admin.php, related to PHPSELF...
CVE-2017-12948
The CVE-2017-12948 issue affects the WordPress PressForward plugin, specifically Core\Admin\PFTemplater.php in version 4.3.0 and earlier. The vulnerability is a Cross‑Site Scripting (XSS) flaw via PATH_INFO reflected into wp-admin/admin.php, related to PHP_SELF. Multiple sources (Red Hat CVE entr...
WordPress PressForward 4.3.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Advisory Title: WordPress PressForward Plugin Security Vulnerability Software: WordPress PressForward plugin Language: PHP Version: 4.3.0 and below Vendor Status: Vendor contacted Release Date: 2017/08/07 Risk: Medium 1. General Overview...
Pressforward <= 5.2.3 - Reflected Cross-Site Scripting (XSS)
The plugin does not sanitise the $SERVER'QUERYSTRING' before outputting it back in the page, leading to a reflected Cross-Site Scripting issue. The issue was initially reported in v4.3.0 but was never fixed, and is still affecting v5.2.3 PoC...
WordPress PressForward 4.3.0 Cross Site Scripting
DefenseCode ThunderScan SAST Advisory WordPress PressForward Plugin Security Vulnerability Advisory ID: DC-2017-05-007 Advisory Title: WordPress PressForward Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress PressForward plugin Language: PHP...
WordPress PressForward plugin <=4.3.0 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting XSS vulnerability found by Neven Biruski in WordPress PressForward plugin version 4.3.0 and earlier versions. An attacker can trick the logged in user with administrator rights to visit a link with vulnerable JavaScript and execute the malicious code. Solution At this moment...