4 matches found
EUVD-2023-29037
Malicious code in bioql PyPI...
CVE-2023-25058
Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force Schema – All In One Schema Rich Snippets plugin = 1.6.5 versions...
PT-2023-19904 · Brainstorm Force · Brainstorm Force Schema – All In One Schema Rich Snippets
Name of the Vulnerable Software and Affected Versions: Brainstorm Force Schema – All In One Schema Rich Snippets plugin versions prior to 1.6.6 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into...
Schema - All In One Schema Rich Snippets < 1.6.6 - Multiple CSRF
The plugin does not properly validate a user intended to do an action, which they could have done using nonce checks. This makes it possible for attackers to conduct CSRF attacks against an unsuspecting administrator, tricking their browser into editing some of the plugin's settings...