Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.6
CVE-2025-39601
- EPSS 0.01%
- Published 16.04.2025 12:44:15
- Last modified 16.04.2025 13:25:37
Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CSS, JS & PHP allows Remote Code Inclusion. This issue affects Custom CSS, JS & PHP: from n/a through 2.4.1.
4.3
CVE-2021-4418
- EPSS 0.14%
- Published 20.10.2023 08:15:11
- Last modified 21.11.2024 06:37:40
The Custom CSS, JS & PHP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the save() function. This makes it possible for unauthenticated...
1