2 matches found
CVE-2022-38139
The CVE-2022-38139 entry refers to multiple CSRF vulnerabilities in the WordPress RD Station plugin, affected versions 5.2.0 and earlier. Technical details from connected sources indicate the issue stems from missing CSRF checks in various parts of the plugin, enabling potential unauthorized acti...
CVE-2024-6894
RD Station plugin for WordPress ≤ 5.3.2 is affected by a Stored Cross-Site Scripting (XSS) vulnerability caused by insufficient input sanitization and output escaping of post metaboxes. This allows authenticated attackers with Contributor+ privileges to inject arbitrary scripts that execute when ...