RSS   Podatności dla 'Hermit'   RSS

2022-04-28
 
CVE-2022-29410

CWE-89
 

 
Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids).

 
 
CVE-2022-29411

CWE-89
 

 
SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id).

 
 
CVE-2022-29412

CWE-352
 

 
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source.

 
 
CVE-2022-29413

CWE-352
 

 
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress via &title parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top