11 matches found
EUVD-2022-25040
Malicious code in bioql PyPI...
CVE-2022-1759
The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escap...
WordPress RB Internal Links plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2022-1759
The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escap...
CVE-2022-1759
The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escap...
CVE-2022-1759
The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escap...
CVE-2022-1759 RB Internal Links <= 2.0.16 - Stored Cross-Site Scripting via CSRF
The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escap...
CVE-2022-1759
The CVE pertains to the WordPress plugin RB Internal Links (versions up to 2.0.16). The issue is a CSRF deficiency when updating plugin settings, enabling a logged-in attacker to induce an admin to modify settings, and it also enables Stored Cross-Site Scripting due to insufficient sanitisation/e...
WordPress plugin RB Internal Links 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
RB Internal Links <= 2.0.16 - Stored Cross-Site Scripting via CSRF
The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping PoC...
WordPress RB Internal Links plugin <= 2.0.16 - Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability
Stored Cross-Site Scripting XSS via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress RB Internal Links plugin versions = 2.0.16. Solution Deactivate and delete. This plugin has been closed as of May 17, 2022 and is not available for download. This closure is...