Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2
CVE-2023-40215
- EPSS 0.2%
- Veröffentlicht 04.11.2023 00:15:08
- Zuletzt bearbeitet 21.11.2024 08:19:00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Demonisblack demon image annotation allows SQL Injection.This issue affects demon image annotation: from n/a through 5.1.
7.5
CVE-2022-4171
- EPSS 0.32%
- Veröffentlicht 13.12.2022 21:15:11
- Zuletzt bearbeitet 21.11.2024 07:34:42
The demon image annotation plugin for WordPress is vulnerable to improper input validation in versions up to, and including 5.0. This is due to the plugin improperly validating the number of characters supplied during an annotation despite there bein...
8.8
CVE-2022-2864
- EPSS 0.18%
- Veröffentlicht 28.10.2022 17:15:22
- Zuletzt bearbeitet 21.11.2024 07:01:50
The demon image annotation plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.7. This is due to missing nonce validation in the ~/includes/settings.php file. This makes it possible for unauthenticated...
1