2 results (0.005 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

The total-security plugin before 3.4.1 for WordPress has a settings-change vulnerability. El plugin total-security versiones anteriores a 3.4.1 para WordPress, presenta una vulnerabilidad de cambio de configuración. • https://wordpress.org/plugins/total-security/#developers • CWE-20: Improper Input Validation CWE-862: Missing Authorization •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The total-security plugin before 3.4.1 for WordPress has XSS. El plugin total-security versiones anteriores a 3.4.1 para WordPress, presenta una vulnerabilidad de tipo XSS. The total-security plugin before 3.4.1 for WordPress has XSS via several parameters. • https://wordpress.org/plugins/total-security/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •