EUVD-2015-9196

Malware in sbrugna...

EUVD-2014-9280

Malware in sbrugna...

CVE-2015-9356

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via addqueryarg and removequeryarg, a different issue than CVE-2014-9460...

CVE-2024-4409

CVE-2024-4409 : The WP-ViperGB WordPress plugin (all versions up to 1.6.1) is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation when saving settings. This allows unauthenticated attackers to alter plugin settings by tricking an administrator into performing an act...

CVE-2024-4409 WP-ViperGB <= 1.6.1 - Cross-Site Request Forgery

The WP-ViperGB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.1. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to change the plugin's settings via a...

Code injection

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via addqueryarg and removequeryarg, a different issue than CVE-2014-9460...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the WP-ViperGB plugin before 1.3.11 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings via unspecified vectors or conduct cross-site scripting XSS attacks via th...