Page 4 of 17 results (0.006 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter. El plugin icegram versiones anteriores a 1.9.19 para WordPress, presenta una vulnerabilidad de tipo CSRF por medio del parámetro option_name del archivo wp-admin/edit.php. • https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_icegram_wordpress_plugin.html https://wordpress.org/plugins/icegram/#developers • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The icegram plugin before 1.9.19 for WordPress has XSS. El plugin icegram versiones anteriores a 1.9.19 para WordPress, presenta una vulnerabilidad de tipo XSS. The icegram plugin before 1.9.19 for WordPress has XSS in 'message' parameter. • https://wordpress.org/plugins/icegram/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •