21 matches found
SRS Simple Hits Counter 1.0.3-1.0.4 - Unauthenticated Blind SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in SRS Simple Hits Counter Plugin for WordPress 1.0.3 and 1.0.4 allows a remote, unauthenticated attacker to determine the value of database fields. id: CVE-2020-5766 info: name: SRS Simple Hits Counter 1.0.3-1.0.4...
EUVD-2023-26838
Malicious code in bioql PyPI...
CVE-2023-22709
Cross-Site Request Forgery CSRF vulnerability in Atif N SRS Simple Hits Counter plugin = 1.1.0 versions...
CVE-2023-22709
Cross-Site Request Forgery CSRF vulnerability in Atif N SRS Simple Hits Counter plugin = 1.1.0 versions...
CVE-2023-22709
Cross-Site Request Forgery CSRF vulnerability in Atif N SRS Simple Hits Counter plugin = 1.1.0 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Atif N SRS Simple Hits Counter plugin = 1.1.0 versions...
CVE-2023-22709
CVE-2023-22709 is a CSRF vulnerability in the WordPress plugin SRS Simple Hits Counter (versions
CVE-2023-22709 WordPress SRS Simple Hits Counter Plugin <= 1.1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Atif N SRS Simple Hits Counter plugin = 1.1.0 versions...
CVE-2023-22709 WordPress SRS Simple Hits Counter Plugin <= 1.1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Atif N SRS Simple Hits Counter plugin = 1.1.0 versions...
PT-2023-18651 · WordPress · Atif N Srs Simple Hits Counter
Name of the Vulnerable Software and Affected Versions: Atif N SRS Simple Hits Counter plugin versions = 1.1.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a...
WordPress plugin SRS Simple Hits Counter 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress SRS Simple Hits Counter Plugin <= 1.1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software SRS Simple Hits Counter Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-22709 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 429352774cd4 Credits Mika Requir...
WordPress Plugin 'SRS Simple Hits Counter' Information Disclosure (direct check)
Binary data wordpresspluginsrssimplehitscountersqli.nbin...
WordPress SRS Simple Hits Counter SQL Injection
SQL Injection vulnerability in SRS Simple Hits Counter postid parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
WordPress Plugin 'SRS Simple Hits Counter' Information Disclosure
The WordPress application running on the remote host has a version of the 'SRS Simple Hits Counter' plugin that is affected by an information disclosure vulnerability due to improper validation of user supplied input data. An unauthenticated, remote attacker can exploit this issue via specially...
SRS Simple Hits Counter Plugin for WordPress SQL Injection
The WordPress SRS Simple Hits Counter Plugin installed on the remote host is affected by a SQL injection vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...
CVE-2020-5766
The CVE-2020-5766 entry affects the WordPress plugin SRS Simple Hits Counter (versions 1.0.3–1.0.4). The connected nuclei template confirms an unauthenticated blind SQL injection in the plugin’s post_id flow, enabling an attacker to extract database field values. Root cause: improper handling/neu...
CVE-2020-5766
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in SRS Simple Hits Counter Plugin for WordPress 1.0.3 and 1.0.4 allows a remote, unauthenticated attacker to determine the value of database fields...
WordPress SRS Simple Hits Counter plugin <= 1.0.3 - Unauthenticated Blind SQL Injection (SQLi) vulnerability
Unauthenticated Blind SQL Injection SQLi vulnerability found by Alex Peña Tenable in WordPress SRS Simple Hits Counter plugin versions = 1.0.3. Solution Update the WordPress SRS Simple Hits Counter plugin to the latest available version at least 1.0.4...
SRS Simple Hits Counter <= 1.0.4 - Unauthenticated Blind SQL Injection
Alex Peña from Tenable discovered a blind SQL injection which could allow unauthenticated remote attackers to retrieve data from the DBMS. Note: The vendor attempted a fix in v1.0.4, which is incomplete. PoC The PoC will be displayed once the issue has been remediated...