15 matches found
WordPress plugin WP Links Page SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin WP...
EUVD-2023-51750
Malicious code in bioql PyPI...
EUVD-2023-26849
Malicious code in bioql PyPI...
CVE-2023-22720
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Robert Macchi WP Links Page plugin = 4.9.3 versions...
CVE-2023-47651
Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...
CVE-2024-6465 WP Links Page <= 4.9.5 - Missing Authorization to Authenticated (Subscriber+) Limited Image Update
The WP Links Page plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wplfajaxupdatescreenshots' function in all versions up to, and including, 4.9.5. This makes it possible for authenticated attackers, with Subscriber-level access and...
PT-2024-37648 · WordPress · Wp Links Page
Name of the Vulnerable Software and Affected Versions: WP Links Page plugin for WordPress versions up to, and including, 4.9.5 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify data due to a missing capability check on the wplf ajax update...
CVE-2023-47651
Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...
CVE-2023-47651
Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...
CVE-2023-47651 WordPress WP Links Page Plugin <= 4.9.4 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...
CVE-2023-47651
CVE-2023-47651 affects the WordPress WP Links Page plugin (versions up to 4.9.4). The vulnerability is a Cross-Site Request Forgery (CSRF) in the wplf_ajax_update_screenshots action that could be exploited by an unauthenticated attacker to forge requests. The issue is fixed in version 4.9.5. The ...
CVE-2023-22720 WordPress WP Links Page Plugin <= 4.9.3 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Robert Macchi WP Links Page plugin = 4.9.3 versions...
CVE-2023-22720
CVE-2023-22720 affects the WordPress plugin WP Links Page by Robert Macchi. Versions ≤ 4.9.3 are vulnerable to a Stored XSS due to inadequate input handling. The vulnerability impact is described in the CVE as cross-site scripting, with a PatchSTACK entry noting the fix in version 4.9.4 . No expl...
WordPress WP Links Page Plugin <= 4.9.3 is vulnerable to Cross Site Scripting (XSS)
Software WP Links Page Type Plugin Vulnerable versions = 4.9.3 Fixed in 4.9.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-22720 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5a20af666246 Credits István Márton Required...