6 matches found
EUVD-2023-50346
Malicious code in bioql PyPI...
WordPress Wp Ultimate Review Plugin <= 2.2.5 is vulnerable to Broken Access Control
Software Wp Ultimate Review Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.3.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32684 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 0e0c02f9a698 Credits Kyle Sanchez Required...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Wpmet Wp Ultimate Review plugin = 2.0.3 versions...
CVE-2023-28987
CVE-2023-28987 is a CSRF vulnerability in the WordPress plugin Wp Ultimate Review (Wpmet Wp Ultimate Review) affecting versions <= 2.0.3. The issue allows an attacker to perform unintended actions on behalf of an authenticated or unauthenticated user, depending on context, due to CSRF flaws de...
CVE-2023-28751
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wpmet Wp Ultimate Review plugin = 2.0.3 versions...
CVE-2023-28751 WordPress Wp Ultimate Review Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wpmet Wp Ultimate Review plugin = 2.0.3 versions...