RSS   Vulnerabilities for 'Header footer code manager'   RSS

2022-02-24
 
CVE-2022-0710

CWE-79
 
 
The Header Footer Code Manager plugin <= 1.1.16 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter.

 
2021-11-08
 
CVE-2021-24791

CWE-89
 
 
The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections

 

 >>> Vendor: Draftpress 2 Products
My site audit
Header footer code manager

Copyright 2024, cxsecurity.com

 

Back to Top