4 matches found
EUVD-2024-51575
Malicious code in bioql PyPI...
CVE-2024-12170
The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.15. This is due to missing or incorrect nonce validation on the 'Viewmedica-Admin' page. This makes it possible for unauthenticated attackers to inject arbitrary SQL queries...
CVE-2024-12291 ViewMedica 9 <= 1.4.17 - Cross-Site Request Forgery to Reflected Cross-Site Scripting
The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.17. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged...
CVE-2024-12291
CVE-2024-12291 : The ViewMedica 9 WordPress plugin is vulnerable to Cross-Site Request Forgery that leads to a Reflected Cross-Site Scripting condition in all versions up to 1.4.15. The root cause is missing or incorrect nonce validation on a function, enabling unauthenticated attackers to induce...