Inisev ≫ Enhanced Text Widget

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

6.5

CVE-2024-0559

Exploit

EPSS 0.32%
Veröffentlicht 11.03.2024 18:15:17
Zuletzt bearbeitet 01.04.2025 15:37:13

The Enhanced Text Widget WordPress plugin before 1.6.6 does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting atta...

4.3

CVE-2023-3977

Exploit

EPSS 0.45%
Veröffentlicht 28.07.2023 05:15:11
Zuletzt bearbeitet 03.04.2025 12:44:20

Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in va...

6.5

CVE-2023-0958

EPSS 0.22%
Veröffentlicht 28.07.2023 05:15:09
Zuletzt bearbeitet 03.04.2025 12:44:20

Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This make...

Team-orientierte Vulnerability Management Plattform

Features der Plattform

Inisev ≫ Enhanced Text Widget

CVE-2024-0559

CVE-2023-3977

CVE-2023-0958