Page 2 of 10 results (0.007 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages. El complemento todo en uno wp-security-and-firewall versión anterior a 4.0.6 para WordPress tiene XSS en las páginas de configuración. • https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers https://wpvulndb.com/vulnerabilities/9736 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages. El complemento all-in-one-wp-security-and-firewall anterior a 4.0.5 para WordPress tiene XSS en la lista negra, el sistema de archivos y las páginas de configuración de detección de cambio de archivo. • https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature. El complemento todo en uno wp-security-and-firewall anterior a 3.9.8 para WordPress tiene XSS en la función de solicitud de desbloqueo. • https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances. El complemento all-in-one-wp-security-and-firewall versiones anterior a 3.9.5 para WordPress tiene XSS en instancias de función add_query_arg y remove_query_arg. • https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues. El plugin all-in-one-wp-security-and-firewall versiones anteriores a 3.9.1 para WordPress, presenta múltiples problemas de inyección SQL. • https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •