2 matches found
CVE-2020-36741
The MultiVendorX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.7. This is due to missing or incorrect nonce validation on the submitcomment function. This makes it possible for unauthenticated attackers to submit comments via a forged reque...
PeopleAggregator 1.2pre6-release-53 - Multiple Remote File Inclusions
PeopleAggregator 1.2pre6-release-53 - Multiple Remote File Inclusions PeopleAggregator 1.2pre6 Multiple Remote File Inclusion Vulnerabilities http://update.peopleaggregator.org/dist/peopleaggregator-1.2pre6-release-53.tar.gz DORK : "copyright 2006 Broadband Mechanics" POC :...