Kategori: Güvenlik Açıkları

CVE-2022-1281

The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST[‘filter_tag’] parameter, which is appended to an SQL query, making SQL Injection attacks…

Devamını oku

CVE-2022-1282

The Photo Gallery by 10Web WordPress plugin before 1.6.3 does not properly sanitize the $_GET[‘image_url’] variable, which is reflected back to the users when executing…

Devamını oku

CVE-2021-25086

The Advanced Page Visit Counter WordPress plugin through 5.0.8 does not sanitise and escape some input before outputting it in an admin dashboard page, allowing…

Devamını oku

CVE-2022-0428

The Content Egg WordPress plugin before 5.3.0 does not sanitise and escape the page parameter before outputting back in an attribute in the Autoblogging admin…

Devamını oku

CVE-2022-0649

The AdRotate WordPress plugin before 5.8.23 does not escape Group Names, which could allow high privilege users to perform Cross-Site Scripting attacks even when the…

Devamını oku

CVE-2022-0662

The AdRotate WordPress plugin before 5.8.23 does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even…

Devamını oku