Htaccess Security Vulnerabilities and Issues — Htaccess CVE List

Lucene search

BestwebsoftHtaccess

3 matches found

CVE•added 2020/02/06 3:15 a.m.•124 views

CVE-2020-8658

The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF. The flag htccss_nonce_name passes the nonce to WordPress but the plugin does not validate it correctly, resulting in a wrong implementation of anti-CSRF protection. I...

8.8CVSS8.6AI score0.01947EPSS

CVE•added 2017/05/22 4:29 p.m.•51 views

CVE-2017-2171

Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom Fields Search prior to...

6.1CVSS6.1AI score0.00233EPSS

CVE•added 2019/08/13 5:15 p.m.•48 views

CVE-2017-18496

The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues.

6.1CVSS6AI score0.00104EPSS