17 matches found
CVE-2026-27743
The SPIP referer_spam plugin versions prior to 1.3.0 contain an unauthenticated SQL injection vulnerability in the referer_spam_ajouter and referer_spam_supprimer action handlers. The handlers read the url parameter from a GET request and interpolate it directly into SQL LIKE clauses without input...
CVE-2026-27743
The SPIP referer_spam plugin versions prior to 1.3.0 contain an unauthenticated SQL injection vulnerability in the referer_spam_ajouter and referer_spam_supprimer action handlers. The handlers read the url parameter from a GET request and interpolate it directly into SQL LIKE clauses without input...
CVE-2026-27743 SPIP referer_spam < 1.3.0 Unauthenticated SQL Injection
The SPIP referer_spam plugin versions prior to 1.3.0 contain an unauthenticated SQL injection vulnerability in the referer_spam_ajouter and referer_spam_supprimer action handlers. The handlers read the url parameter from a GET request and interpolate it directly into SQL LIKE clauses without input...
CVE-2026-27743
The CVE-2026-27743 entry describes an unauthenticated SQL injection in the SPIP referer_spam plugin prior to version 1.3.0. The vulnerable components are the referer_spam_ajouter and referer_spam_supprimer action handlers, which read the url parameter from a GET request and interpolate it directl...
CVE-2026-27743 SPIP referer_spam < 1.3.0 Unauthenticated SQL Injection
The SPIP referer_spam plugin versions prior to 1.3.0 contain an unauthenticated SQL injection vulnerability in the referer_spam_ajouter and referer_spam_supprimer action handlers. The handlers read the url parameter from a GET request and interpolate it directly into SQL LIKE clauses without input...
CVE-2026-27743
The SPIP referer_spam plugin versions prior to 1.3.0 contain an unauthenticated SQL injection vulnerability in the referer_spam_ajouter and referer_spam_supprimer action handlers. The handlers read the url parameter from a GET request and interpolate it directly into SQL LIKE clauses without input...
PT-2026-21858
Name of the Vulnerable Software and Affected Versions: SPIP referer spam plugin versions prior to 1.3.0. Description: The referer spam plugin is susceptible to an unauthenticated SQL injection. This occurs because the plugin’s referer spam ajouter and referer spam supprimer action handlers directly...
EUVD-2023-36741
Malicious code in bioql PyPI...
CVE-2023-32497
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <= 1.1.9.4 versions...
CVE-2023-32497
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <= 1.1.9.4 versions...
CVE-2023-32497
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <= 1.1.9.4 versions...
Cross site scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <= 1.1.9.4 versions...
CVE-2023-32497 WordPress Block Referer Spam Plugin <= 1.1.9.4 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <= 1.1.9.4 versions...
CVE-2023-32497
CVE-2023-32497 is a Stored XSS vulnerability in the WordPress plugin Block Referer Spam (Supersoju) that affects versions
WordPress plugin Block Referer Spam cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2023-23831 · WordPress · Supersoju Block Referer Spam
Name of the Vulnerable Software and Affected Versions: Supersoju Block Referer Spam plugin versions 1.1.9.4 and earlier. Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. This vulnerability affects the Supersoj...
WordPress Block Referer Spam Plugin <= 1.1.9.4 is vulnerable to Cross Site Scripting (XSS)
Software: Block Referer Spam. Type: Plugin. Vulnerable versions: <= 1.1.9.4. Fixed in: 1.1.9.5. OWASP Top 10: A7: Cross-Site Scripting (XSS). Classification: Cross Site Scripting (XSS). CVE: CVE-2023-32497. Patch priority: Low. CVSS severity: Low (5.1). PSID: 9bfabf6d69ec. Credits: Taihei Shimamine...