14 matches found
CVE-2023-4213
The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it...
EUVD-2015-1117
Malware in sbrugna...
EUVD-2023-54087
Malicious code in bioql PyPI...
CVE-2015-10107
A vulnerability was found in Simplr Registration Form Plus+ Plugin up to 2.3.4 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.3.5 is able to addres...
CVE-2023-4213
The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it...
Authorization
The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it...
CVE-2023-4213
CVE-2023-4213 concerns the WordPress plugin Simplr Registration Form Plus+ (up to version 2.4.5). The vulnerability is an Insecure Direct Object Reference (IDOR) that lets an authenticated user with subscriber-level permissions or higher access objects controlled by the user, bypass authorization...
CVE-2023-4213 Simplr Registration Form Plus+ <= 2.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Password Change
The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it...
WordPress Simplr Registration Form Plus+ Plugin <= 2.4.5 is vulnerable to Insecure Direct Object References (IDOR)
Software Simplr Registration Form Plus+ Type Plugin Vulnerable versions = 2.4.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-4213 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 210dacee25d7 Credits...
CVE-2015-10107
A vulnerability was found in Simplr Registration Form Plus+ Plugin up to 2.3.4 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.3.5 is able to addres...
Cross site scripting
A vulnerability was found in Simplr Registration Form Plus+ Plugin up to 2.3.4 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.3.5 is able to addres...
CVE-2015-10107
CVE-2015-10107 affects the Simplr Registration Form Plus+ WordPress plugin up to version 2.3.4. The vulnerability is a cross-site scripting flaw caused by an issue in a processing path, allowing remote initiation of an attack. The issue is mitigated by upgrading to version 2.3.5, with the patch i...
CVE-2015-10107 Simplr Registration Form Plus+ Plugin cross site scripting
A vulnerability was found in Simplr Registration Form Plus+ Plugin up to 2.3.4 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.3.5 is able to addres...
PT-2023-10286 · WordPress · Simplr Registration Form Plus+
Name of the Vulnerable Software and Affected Versions: Simplr Registration Form Plus+ Plugin versions up to 2.3.4 Description: A vulnerability was found in the Simplr Registration Form Plus+ Plugin, which affects some unknown processing and leads to cross-site scripting. The attack may be initiat...