Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
XwpStream

3 matches found

CVE
CVEadded 2023/05/25 11:15 a.m.42 views

CVE-2022-43490

Cross-Site Request Forgery (CSRF) vulnerability in XWP Stream plugin

8.8CVSS7.1AI score0.00043EPSS
CVE
CVEadded 2024/09/13 3:15 p.m.41 views

CVE-2024-7423

The Stream plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.0.1. This is due to missing or incorrect nonce validation on the network_options_action() function. This makes it possible for unauthenticated attackers to update arbitrary options th...

8.8CVSS8.6AI score0.00115EPSS
CVE
CVEadded 2021/11/17 11:15 a.m.32 views

CVE-2021-24772

The Stream WordPress plugin before 3.8.2 does not sanitise and validate the order GET parameter from the Stream Records admin dashboard before using it in a SQL statement, leading to an SQL injection issue.

8.8CVSS9AI score0.00532EPSS