3 results (0.003 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93. Vulnerabilidad de autenticación rota en SoftLab Integrate Google Drive. Este problema afecta a Integrate Google Drive: desde n/a hasta 1.3.93. The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.3.93. This makes it possible for unauthenticated attackers to perform an unauthorized action. • https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cve • CWE-287: Improper Authentication CWE-862: Missing Authorization •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en SoftLab Integrate Google Drive. Este problema afecta a Integrate Google Drive: desde n/a hasta 1.3.4. The Integrate Google Drive plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.4. This is due to missing or incorrect nonce validation on an unknown function. • https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2. Vulnerabilidad de redireccionamiento de URL a un sitio que no es de confianza ('Open Redirect') en SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site. Este problema afecta a Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: desde n/a hasta 1.3.2. The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.3.2. This is due to insufficient validation on the redirect url supplied via the 'state' parameter. • https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-0-open-redirection-vulnerability?_s_id=cve • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •