Filtered by vendor Wbolt
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26531 | 1 Wbolt | 1 All-in-one Search Automatic Push Management | 2024-02-29 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in 闪电博 多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条 plugin <= 4.2.7 versions. | ||||
| CVE-2021-24618 | 1 Wbolt | 1 Donate With Qrcode | 2022-12-20 | 5.4 Medium |
| The Donate With QRCode WordPress plugin before 1.4.5 does not sanitise or escape its QRCode Image setting, which result into a Stored Cross-Site Scripting (XSS). Furthermore, the plugin also does not have any CSRF and capability checks in place when saving such setting, allowing any authenticated user (as low as subscriber), or unauthenticated user via a CSRF vector to update them and perform such attack. | ||||
| CVE-2021-24976 | 1 Wbolt | 1 Smart Seo Tool | 2022-01-28 | 6.1 Medium |
| The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting | ||||
Page 1 of 1.