CVE-2022-1787

The Sideblog WordPress plugin through 6.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping...

WordPress Sideblog plugin cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Sideblog plugin version 6.0 and earlier versions are vulnerable to cross-site request forgery, whic...

CVE-2022-1787

The Sideblog WordPress plugin through 6.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping...

CVE-2022-1787

The Sideblog WordPress plugin through 6.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping...

WordPress plugin Sideblog 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Sideblog plugin version 6.0 and earlier versions are vulnerable to cross-site request forgery, whic...

WordPress Sideblog plugin <= 6.0 - Arbitrary Settings Update via CSRF to Stored XSS

Arbitrary Settings Update via CSRF to Stored XSS discovered by Daniel Ruf in WordPress Sideblog plugin versions = 6.0. Solution Deactivate and delete. This plugin has been closed as of May 18, 2022 and is not available for download. This closure is temporary, pending a full review...