EUVD-2023-58000

Malicious code in bioql PyPI...

PT-2025-39486

Name of the Vulnerable Software and Affected Versions System Dashboard plugin for WordPress versions prior to 2.8.21 Description The System Dashboard plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is caused by a lack of nonce validation in the sd toggle logs function...

WordPress System Dashboard plugin <= 2.8.20 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Đỗ Quang Huy in WordPress Plugin System Dashboard versions = 2.8.20...

CVE-2024-11107

The System Dashboard WordPress plugin before 2.8.15 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

CVE-2023-5713

The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sdoptionvalue function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level...

WordPress System Dashboard plugin <= 2.8.17 - Reflected Cross-Site Scripting via Filename Parameter vulnerability

Reflected Cross-Site Scripting via Filename Parameter vulnerability discovered by vgo0 in WordPress Plugin System Dashboard versions = 2.8.17...

CVE-2024-11107

The System Dashboard WordPress plugin before 2.8.15 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

WordPress plugin System Dashboard 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

WordPress System Dashboard plugin < 2.8.15 - Admin+ Path Traversal vulnerability

Admin+ Path Traversal vulnerability discovered by Dogus DEMIRKIRAN in WordPress Plugin System Dashboard versions 2.8.15...

WordPress System Dashboard Plugin < 2.8.15 is vulnerable to Path Traversal

Software System Dashboard Type Plugin Vulnerable versions 2.8.15 Fixed in 2.8.15 OWASP Top 10 A4: Insecure Design Classification Path Traversal CVE CVE-2024-10708 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 8350df71b2da Credits Dogus DEMIRKIRAN Required privilege...

WordPress System Dashboard Plugin < 2.8.15 is vulnerable to Cross Site Scripting (XSS)

Software System Dashboard Type Plugin Vulnerable versions 2.8.15 Fixed in 2.8.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11107 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 948953d35f1c Credits Dogus Demirkiran...

CVE-2023-7246

The System Dashboard WordPress plugin before 2.8.10 does not sanitize and escape some parameters, which could allow administrators in multisite WordPress configurations to perform Cross-Site Scripting attacks...

CVE-2023-5710

The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sdconstants function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level...

Information disclosure

The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sdglobalvalue function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level...

WordPress plugin System Dashboard security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress plugin System Dashboard security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress System Dashboard Plugin <= 2.8.7 is vulnerable to Broken Access Control

Software System Dashboard Type Plugin Vulnerable versions = 2.8.7 Fixed in 2.8.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5712 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 98fba4335721 Credits Dmitrii Ignatyev Required...

PT-2023-32285 · WordPress · System Dashboard

Name of the Vulnerable Software and Affected Versions: System Dashboard plugin for WordPress versions up to, and including, 2.8.7 Description: The issue is related to unauthorized access of data due to a missing capability check on the sd global value function hooked via an AJAX action. This allo...