Vulnerabilities
Vulnerable Software
Feataholic:  >> Maz Loader  >> 1.3.0  Security Vulnerabilities
The MAZ Loader WordPress plugin before 1.4.1 does not enforce nonce checks, which allows attackers to make administrators delete arbitrary loaders via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2021-11-23
The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection.
CVSS Score
8.8
EPSS Score
0.005
Published
2021-11-08


Contact Us

Shodan ® - All rights reserved