Lucene search

K

Oturia Security Vulnerabilities

cve
cve

CVE-2018-3810

Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function.....

9.8CVSS

9.3AI Score

0.773EPSS

2018-01-01 06:29 AM
44
cve
cve

CVE-2018-3811

SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not...

9.8CVSS

9.9AI Score

0.008EPSS

2018-01-01 06:29 AM
40