17 matches found
EUVD-2012-1104
Malware in sbrugna...
EUVD-2012-1105
Malware in sbrugna...
EUVD-2023-27969
Malicious code in bioql PyPI...
CVE-2023-23886
Missing Authorization vulnerability in mg12 WP-RecentComments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-RecentComments: from n/a through 2.2.7...
CVE-2023-23886 WordPress WP-RecentComments plugin <= 2.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in mg12 WP-RecentComments wp-recentcomments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-RecentComments: from n/a through = 2.2.7...
CVE-2023-23886 WordPress WP-RecentComments plugin <= 2.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in mg12 WP-RecentComments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-RecentComments: from n/a through 2.2.7...
CVE-2023-23886
CVE-2023-23886 affects the WordPress WP-RecentComments plugin up to version 2.2.7. The issue is a Missing Authorization / Broken Access Control vulnerability that can disclose information due to incorrectly configured access controls. The common references describe the root cause as insufficient ...
WordPress plugin WP-RecentComments 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress WP-RecentComments Plugin <= 2.2.7 is vulnerable to Sensitive Data Exposure
Software WP-RecentComments Type Plugin Vulnerable versions = 2.2.7 Fixed in N/A OWASP Top 10 A6: Security Misconfiguration Classification Sensitive Data Exposure CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e8e792ef26a6 Credits WordFence Required privilege...
WordPress WP-RecentComments Plugin <= 2.2.7 is vulnerable to Broken Access Control
Software WP-RecentComments Type Plugin Vulnerable versions = 2.2.7 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23886 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID bef3f2d917d0 Credits Nguyen Anh Tien Required...
CVE-2012-1067
SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...
Cross site scripting
Cross-site scripting XSS vulnerability in the rcajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging...
Sql injection
SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...
CVE-2012-1067
CVE-2012-1067 affects the WP-RecentComments WordPress plugin (2.0.7) with a SQL injection via the id parameter in the rc-content action to index.php. The underlying issue is an injectable SQL command path that allows remote attackers to execute arbitrary SQL. In published materials, exploitation ...
CVE-2012-1068
The CVE-2012-1068 entry concerns the WP-RecentComments WordPress plugin (before 2.0.7). The vulnerability is an XSS in the rc_ajax function in core.php that allows an attacker to inject arbitrary web script or HTML via the page parameter, related to AJAX paging. Affected component: WordPress WP-R...
CVE-2012-1068
Cross-site scripting XSS vulnerability in the rcajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging...
CVE-2012-1067
SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...