Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:50 a.m.5 views

CVE-2024-7689

The Snapshot Backup WordPress plugin through 2.1.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

4.7CVSS5.8AI score0.00187EPSS
Exploits1References1
CNVD
CNVD
added 2024/12/04 12:0 a.m.3 views

QNAP Notes Station 3 Authentication Missing Vulnerability

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from an authentication missing vulnerability that stems from the inclusion of ...

9.8CVSS7.2AI score0.00933EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

QNAP Systems Notes Station 安全漏洞

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from a command injection vulnerability, which stems from the application faili...

8.8CVSS7.7AI score0.01588EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

QNAP Systems Notes Station 安全漏洞

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from an authentication missing vulnerability that stems from the inclusion of ...

9.8CVSS7.1AI score0.00933EPSS
Exploits0References1
NVD
NVD
added 2024/09/09 6:15 a.m.17 views

CVE-2024-7689

The Snapshot Backup WordPress plugin through 2.1.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

4.7CVSS0.00187EPSS
Exploits1References1
OSV
OSV
added 2024/09/09 6:15 a.m.3 views

CVE-2024-7689

The Snapshot Backup WordPress plugin through 2.1.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

4.3CVSS5.8AI score0.00187EPSS
Exploits1References1
CVE
CVE
added 2024/09/09 6:0 a.m.42 views

CVE-2024-7689

Snapshot Backup plugin for WordPress

4.7CVSS4.8AI score0.00187EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/09/09 6:0 a.m.21 views

CVE-2024-7689 Snapshot Backup <= 2.1.1 - Stored XSS via CSRF

The Snapshot Backup WordPress plugin through 2.1.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

0.00187EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/09 6:0 a.m.13 views

CVE-2024-7689 Snapshot Backup <= 2.1.1 - Stored XSS via CSRF

The Snapshot Backup WordPress plugin through 2.1.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

5.9AI score0.00187EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/09/09 12:0 a.m.2 views

WordPress plugin Snapshot Backup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.7CVSS6.7AI score0.00187EPSS
Exploits1References2
Patchstack
Patchstack
added 2024/08/20 12:15 a.m.2 views

WordPress Snapshot Backup plugin <= 2.1.1 - Stored XSS via CSRF vulnerability

Stored XSS via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Snapshot Backup versions = 2.1.1...

4.7CVSS6AI score0.00187EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/08/20 12:0 a.m.13 views

WordPress Snapshot Backup Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Snapshot Backup Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7689 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 5c418561fc96 Credits Bob Matyas Required...

4.7CVSS6.7AI score0.00187EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder