EUVD-2015-9196

Malware in sbrugna...

EUVD-2014-9280

Malware in sbrugna...

CVE-2015-9356

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via addqueryarg and removequeryarg, a different issue than CVE-2014-9460...

CVE-2024-4409

The WP-ViperGB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.1. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to change the plugin's settings via a...

CVE-2024-4409

CVE-2024-4409 : The WP-ViperGB WordPress plugin (all versions up to 1.6.1) is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation when saving settings. This allows unauthenticated attackers to alter plugin settings by tricking an administrator into performing an act...

CVE-2024-4409 WP-ViperGB <= 1.6.1 - Cross-Site Request Forgery

The WP-ViperGB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.1. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to change the plugin's settings via a...

WordPress plugin WP-ViperGB 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-30942 · WordPress · Wp-Vipergb

Name of the Vulnerable Software and Affected Versions: WP-ViperGB plugin for WordPress versions up to, and including, 1.6.1 Description: The issue is due to missing or incorrect nonce validation when saving plugin settings, making it possible for unauthenticated attackers to change the plugin's...

CVE-2015-9356

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via addqueryarg and removequeryarg, a different issue than CVE-2014-9460...

Code injection

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via addqueryarg and removequeryarg, a different issue than CVE-2014-9460...

CVE-2015-9356

CVE-2015-9356 concerns the WP-ViperGB WordPress plugin prior to version 1.3.16, where an XSS vulnerability exists via add_query_arg() and remove_query_arg(). The issue is distinct from CVE-2014-9460 and is documented across multiple sources in the connected set, including Red Hat and CVE records....

CVE-2015-9356

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via addqueryarg and removequeryarg, a different issue than CVE-2014-9460...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the WP-ViperGB plugin before 1.3.11 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings via unspecified vectors or conduct cross-site scripting XSS attacks via th...

CVE-2014-9460

CVE-2014-9460 affects the WordPress WP-ViperGB plugin prior to 1.3.11. Multiple CSRF flaws allow remote attackers to hijack administrator authentication by submitting requests that (1) change plugin settings via unspecified vectors or (2)-(3) trigger XSS via vgb_page or vgb_items_per_pg on wp-adm...

WordPress WP-ViperGB 1.3.10 CSRF / XSS

Title: WordPress 'WP-ViperGB' plugin - CSRF/XSS Version: 1.3.10 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2014/12/12 Download: https://wordpress.org/plugins/wp-vipergb/ Notified WordPress: 2014/11/27 ---------------------------------------------------------------- Description:...