CVE-2022-1694

The Useful Banner Manager WordPress plugin through 1.6.1 does not perform CSRF checks on POST requests to its admin page, allowing an attacker to trick a logged in admin to add, modify or delete banne ...

Continue Reading

13 июня, 2022

CVE-2022-1624

The Latest Tweets Widget WordPress plugin through 1.1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attac ...

Continue Reading

13 июня, 2022

CVE-2022-1608

The OnePress Social Locker WordPress plugin through 5.6.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF att ...

Continue Reading

13 июня, 2022

CVE-2022-1612

The Webriti SMTP Mail WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attackRead ...

Continue Reading

13 июня, 2022

CVE-2022-1605

The Email Users WordPress plugin through 4.8.8 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and cha ...

Continue Reading

13 июня, 2022

CVE-2022-1595

The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted requestRead More ...

Continue Reading

13 июня, 2022

CVE-2022-1604

The MailerLite WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site ScriptingRead More ...

Continue Reading

13 июня, 2022

CVE-2022-30309

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result in unauthorized ex ...

Continue Reading

13 июня, 2022

1 74 306 74 307 74 308 74 309 74 310 75 266

Back to Main
Subscribe for the latest news: