CVE-2022-3847: Stored XSS and CSRF Vulnerabilities in Showing URL in QR Code WordPress Plugin
The Showing URL in QR Code WordPress plugin, version ..1, has been identified with a stored Cross-Site Scripting (XSS) vulnerability as well as a Cross-Site
CVE-2022-3850: Understanding CSRF Vulnerability in Find and Replace All WordPress plugin Before Version 1.3
Security is a crucial aspect of today's web, and WordPress is no exception. Recently, a major vulnerability (CVE-2022-3850) was discovered in the Find
CVE-2022-3865 The WP User Merger plugin before 1.5.3 does not properly sanitise and escape a parameter, which allows users with a role as low as admin to inject SQL queries.
This can be exploited by attackers to run arbitrary SQL queries as high privileged users. WP user merger is used to reduce the amount of
CVE-2022-23044 – Unauthenticated Remote Attacker Can Exploit CSRF Vulnerability in Tiny File Manager 2.4.8
Tiny File Manager, a popular web-based file manager application widely used for managing files on web servers with ease is found to have a vulnerability
CVE-2022-37721: PyroCMS 3.9 Stored Cross-Site Scripting Vulnerability Leading to Full Admin Account Takeover or Privilege Escalation
PyroCMS 3.9, an open-source content management system (CMS) widely used for creating and managing websites, has been found to be vulnerable to a stored
Episode
00:00:00
00:00:00