RSS   Vulnerabilities for 'Php everywhere'   RSS

2022-02-16
 
CVE-2022-24663

CWE-94
 

 
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user.

 
 
CVE-2022-24664

CWE-94
 

 
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts.

 
 
CVE-2022-24665

CWE-94
 

 
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts.

 
2022-01-13
 
CVE-2021-23227

CWE-352
 

 
Cross-Site Request Forgery (CSRF) vulnerability discovered in PHP Everywhere (WordPress plugin) versions (<= 2.0.2).

 


Copyright 2024, cxsecurity.com

 

Back to Top