CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

WPVulnDB•added 2024/04/04 12:0 a.m.•16 views

All In One WP Security < 5.2.7 - Cross-Site Request Forgery to IP Blocking

Description The All-In-One Security AIOS – Security and Firewall plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.6. This is due to missing or incorrect nonce validation on the render404detection function. This makes it possible for...

4.3CVSS6.6AI score0.00212EPSS

Exploits0References1Affected Software1

NVD•added 2022/11/22 4:15 p.m.•18 views

CVE-2022-44737

Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security AIOS – Security and Firewall WordPress plugin = 5.1.0 on WordPress...

8.8CVSS0.00283EPSS

Exploits0References1

CVE•added 2022/11/22 4:0 p.m.•71 views

CVE-2022-44737

CVE-2022-44737 affects the WordPress All-In-One Security (AIOS) – Security and Firewall plugin, = 5.1.1) or apply vendor-provided fixes. Other references corroborate CSRF risk in AIOS ≤ 5.1.0 and advise updating.

8.8CVSS7.3AI score0.00283EPSS

Exploits0References1Affected Software1

CVE•added 2021/02/10 2:23 p.m.•46 views

CVE-2020-29171

CVE-2020-29171 is a Cross-site Scripting (XSS) vulnerability in the WordPress plugin Tips and Tricks HQ All In One WP Security & Firewall (all-in-one-wp-security-and-firewall) up to version 4.4.6. The flaw resides in admin/wp-security-blacklist-menu.php and stems from insufficient input validatio...

6.1CVSS6.1AI score0.01495EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by