NotCVE - vendor:"Wordpress Tooltips" product:"Wordpress Tooltips" version:" >= 0.0.0 <= 9.4.9"

3 results (0.003 seconds)

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-31285 – WordPress WordPress Tooltips plugin <= 9.5.3 - Cross Site Request Forgery (CSRF) vulnerability

https://notcve.org/view.php?id=CVE-2024-31285

05 Apr 2024 — Cross-Site Request Forgery (CSRF) vulnerability in Tooltip WordPress Tooltips allows Stored XSS.This issue affects WordPress Tooltips: from n/a through 9.5.3. La vulnerabilidad de Cross-Site Request Forgery (CSRF) en Tooltip WordPress Tooltips permite almacenar XSS. Este problema afecta a la información sobre herramientas de WordPress: desde n/a hasta 9.5.3. The WordPress Tooltips plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 9.4.9. This is due to missing... • https://patchstack.com/database/vulnerability/wordpress-tooltips/wordpress-wordpress-tooltips-plugin-9-5-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 9.9EPSS: 1%CPEs: 1EXPL: 0

CVE-2024-30243 – WordPress Tooltips plugin < 9.4.5 - Auth. SQL Injection vulnerability

https://notcve.org/view.php?id=CVE-2024-30243

26 Mar 2024 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tomas WordPress Tooltips.This issue affects WordPress Tooltips: from n/a before 9.4.5. Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en Tomas WordPress Tooltips. Este problema afecta la información sobre herramientas de WordPress: desde n/a antes de 9.4.5. The WordPress Tooltips plugin for WordPress is vulnerable to SQL Injection in all v... • https://patchstack.com/database/vulnerability/wordpress-tooltips/wordpress-wordpress-tooltips-plugin-9-4-5-contributor-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-25985 – WordPress WordPress Tooltips Plugin <= 8.2.5 is vulnerable to Cross Site Request Forgery (CSRF)

https://notcve.org/view.php?id=CVE-2023-25985

23 Feb 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips.This issue affects WordPress Tooltips: from n/a through 8.2.5. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Tomas | Docs | FAQ | Premium Support WordPress Tooltips. Este problema afecta a WordPress Tooltips: desde n/a hasta 8.2.5. The WordPress Tooltips plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.2.5. This is due to missing or incorrect... • https://patchstack.com/database/vulnerability/wordpress-tooltips/wordpress-wordpress-tooltips-plugin-8-2-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •