Riverside: >> Http Headers >> 1.18.10 Security Vulnerabilities
Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11.
CVSS Score
4.4
EPSS Score
0.001
Published
2023-11-13
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dimitar Ivanov HTTP Headers plugin <= 1.18.11 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-08-05
This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability.
CVSS Score
7.2
EPSS Score
0.026
Published
2023-07-10