The Accordion Image Menu WordPress plugin through 3.1.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin ad
Cross-Site Request Forgery (CSRF) vulnerability in QuanticaLabs CSS3 Accordions for WordPress css3_accordions allows Stored XSS.This issue affects CSS3 Accordions for WordPress: from n/a through <= 3.
The WP Finance WordPress plugin through 1.3.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored X
The Music Request Manager WordPress plugin through 1.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add
The WordPress连接微博 WordPress plugin through 2.5.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Store
The Visual Sound WordPress plugin through 1.03 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
The SULly WordPress plugin before 4.3.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS pay
The ArtPlacer Widget WordPress plugin before 2.21.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add St
The Special Feed Items WordPress plugin through 1.0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add
The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add
The JavaScript Logic WordPress plugin through 0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stor
The CM Table Of Contents WordPress plugin before 1.2.4 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged
The Read More & Accordion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.7. This is due to missing or incorrect nonce validation on the addN
The BabelZ WordPress plugin through 1.1.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Accordion accordions-wp allows Stored XSS.This issue affects Accordion: from n/a throu
The wp-affiliate-platform WordPress plugin before 6.5.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin ad
The Smart Image Gallery WordPress plugin before 1.0.19 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and ou
The Simple Nav Archives WordPress plugin through 2.1.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
Page 1+ Next →