WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting

WordPress Securimage-WP-Fixed plugin 3.5.4 and prior contains a cross-site scripting vulnerability due to the use of $SERVER'PHPSELF' in the /securimage-wp.php file, which allows attackers to inject arbitrary web scripts. id: CVE-2021-34640 info: name: WordPress Securimage-WP-Fixed =3.5.4 -...

EUVD-2021-21290

Malware in sbrugna...

EUVD-2023-39080

Malicious code in bioql PyPI...

EUVD-2022-4903

Malicious code in bioql PyPI...

CVE-2023-35044

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

CVE-2023-35044

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

CVE-2023-35044

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

CVE-2023-35044 WordPress Securimage-WP Plugin <= 3.6.16 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

CVE-2023-35044

CVE-2023-35044 affects the WordPress Securimage-WP plugin

CVE-2023-35044 WordPress Securimage-WP Plugin <= 3.6.16 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

WordPress Plugin Securimage-WP 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2023-25113 · WordPress · Securimage-Wp

Name of the Vulnerable Software and Affected Versions: Drew Phillips Securimage-WP plugin versions = 3.6.16 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a w...

Securimage-WP <= 3.6.16 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, leading to potential CSRF vulnerabilities...

WordPress Securimage-WP Plugin <= 3.6.16 is vulnerable to Cross Site Request Forgery (CSRF)

Software Securimage-WP Type Plugin Vulnerable versions = 3.6.16 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35044 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 10bf6d005f14 Credits Abdi Pranata Required...

GHSA-Q6V4-XJP2-8GGV Securimage HTML Injection

HTML Injection in Securimage prior to 3.6.6 allows remote attackers to inject arbitrary HTML into an e-mail message body via the $SERVER'HTTPUSERAGENT' parameter to exampleform.ajax.php or exampleform.php...

Securimage HTML Injection

HTML Injection in Securimage prior to 3.6.6 allows remote attackers to inject arbitrary HTML into an e-mail message body via the $SERVER'HTTPUSERAGENT' parameter to exampleform.ajax.php or exampleform.php...

CVE-2021-34640

The Securimage-WP-Fixed WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /securimage-wp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.5.4...

CVE-2021-34640

The Securimage-WP-Fixed WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /securimage-wp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.5.4...

Cross site scripting

The Securimage-WP-Fixed WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /securimage-wp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.5.4...