7 matches found
CVE-2016-10897
The sermon-browser plugin before 0.45.16 for WordPress has multiple XSS issues...
EUVD-2016-1891
Malware in sbrugna...
EUVD-2022-15636
Malicious code in bioql PyPI...
CVE-2022-0499
The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones...
CVE-2022-0499
The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones...
CVE-2016-10897
The sermon-browser plugin before 0.45.16 for WordPress has multiple XSS issues...
WordPress Sermon Browser Plugin 0.43 - Cross-Site Scripting and SQL Injection Vulnerabilities
There are several vulnerabilities in this plugin. The first is a cross-site scripting vulnerability and the second is an SQL injection vulnerability. These issues allow an attacker to steal cookie-based authentication credentials, modify data, or compromise the access. Solution Update the plugin...