CVE-2023-35044

Cross-Site Request Forgery CSRF vulnerability in Drew Phillips Securimage-WP plugin = 3.6.16 versions...

PT-2023-25113 · WordPress · Securimage-Wp

Name of the Vulnerable Software and Affected Versions: Drew Phillips Securimage-WP plugin versions = 3.6.16 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a w...

CVE-2021-34640

The Securimage-WP-Fixed WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $SERVER'PHPSELF' in the /securimage-wp.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.5.4...

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Securimage-WP-Fixed, which stems...