Code Snippets Extended Project: Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in Alexander Stokmann's Code Snippets Extended plugin <= 1.4.7 on WordPress allows an attacker to delete or to turn on/off snippets.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-05-17
Persistent Cross-Site Scripting (XSS) vulnerability in Alexander Stokmann's Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery (vulnerable parameters &title, &snippet_code).
CVSS Score
4.7
EPSS Score
0.001
Published
2022-05-17
Remote Code Execution (RCE) in Alexander Stokmann's Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery.
CVSS Score
8.8
EPSS Score
0.018
Published
2022-05-17