Tipsandtricks-Hq: Security Vulnerabilities
The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-13
The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-13
The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-13
The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-13
Cross-site request forgery (CSRF) vulnerability in the WordPress Simple Paypal Shopping Cart plugin before 3.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings.
CVSS Score
6.8
EPSS Score
0.001
Published
2014-05-13
Page 8