RSS   Vulnerabilities for 'Custom body class'   RSS

2019-12-26
 
CVE-2019-6030

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

 
 
CVE-2019-6029

CWE-79
 

 
Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 


Copyright 2024, cxsecurity.com

 

Back to Top