Codesnippets: >> Code Snippets >> 1.9.1 Security Vulnerabilities
Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter.
CVSS Score
4.7
EPSS Score
0.003
Published
2022-05-18
The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue
CVSS Score
6.1
EPSS Score
0.021
Published
2022-01-24
The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu.
CVSS Score
8.8
EPSS Score
0.503
Published
2020-01-28