RSS   Vulnerabilities for 'Code snippets'   RSS

2022-05-18
 
CVE-2022-25617

CWE-79
 

 
Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter.

 
2022-01-24
 
CVE-2021-25008

CWE-79
 

 
The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue

 
2020-01-28
 
CVE-2020-8417

CWE-352
 

 
The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu.

 


Copyright 2024, cxsecurity.com

 

Back to Top