5 matches found
CVE-2026-0944
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing.This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4...
CVE-2025-62872 WordPress Social Photo Fetcher plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in JK Social Photo Fetcher facebook-photo-fetcher allows Cross Site Request Forgery.This issue affects Social Photo Fetcher: from n/a through = 3.0.4...
PT-2023-24910
Name of the Vulnerable Software and Affected Versions Canto plugin for WordPress versions up to, and including, 3.0.4 Description The Canto plugin for WordPress is vulnerable to Remote File Inclusion via the wp abspath parameter. This allows unauthenticated attackers to include and execute...
WordPress plugin A2 Optimized WP 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
PT-2009-1519 · Xt · Xt:Commerce
Name of the Vulnerable Software and Affected Versions: xt:Commerce versions 3.0.4 and earlier Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in the advanced...