2 results (0.003 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

04 Oct 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Chetan Gole WP-CopyProtect [Protect your blog posts] en versiones &lt;= 3.1.0. Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions. • https://patchstack.com/database/vulnerability/wp-copyprotect/wordpress-wp-copyprotect-protect-your-blog-posts-plugin-3-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

12 Jun 2023 — A vulnerability classified as problematic was found in cchetanonline WP-CopyProtect up to 3.0.0. This vulnerability affects the function CopyProtect_options_page of the file wp-copyprotect.php. The manipulation of the argument CopyProtect_nrc_text leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 3.1.0 is able to address this issue. • https://github.com/wp-plugins/wp-copyprotect/commit/8b8fe4102886b326330dc1ff06b17313fb10aee5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •