Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

insert pages project insert pages vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2022-4483
The Insert Pages WordPress plugin prior to 3.7.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used aga...
Insert Pages Project Insert Pages
3.5
CVSSv2
CVE-2021-24850
The Insert Pages WordPress plugin prior to 3.7.0 adds a shortcode that prints out other pages' content and custom fields. It can be used by users with a role as low as Contributor to perform Cross-Site Scripting attacks by storing the payload/s in another post's custom ...
Insert Pages Project Insert Pages
4
CVSSv2
CVE-2021-24851
The Insert Pages WordPress plugin prior to 3.7.0 allows users with a role as low as Contributor to access content and metadata from arbitrary posts/pages regardless of their author and status (ie private), using a shortcode. Password protected posts/pages are not affected by such...
Insert Pages Project Insert Pages
6.4
CVSSv2
CVE-2017-18586
The insert-pages plugin prior to 3.2.4 for WordPress has directory traversal via custom template paths.
Insert Pages Project Insert Pages
7.2
CVSSv2
CVE-2021-3543
A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.
Nitro Enclaves Project Nitro EnclavesRedhat Enterprise Linux 8.0Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2007-6611
Cross-site scripting (XSS) vulnerability in view.php in Mantis prior to 1.1.0 allows remote malicious users to inject arbitrary web script or HTML via a filename, related to bug_report.php.
Mantis Mantis
5
CVSSv2
CVE-2006-6574
Mantis prior to 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote malicious users to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field.
Mantis Mantis 1.0.0a1Mantis Mantis 1.0.0a2Mantis Mantis 1.0.6Mantis MantisMantis Mantis 1.0.0 Rc1Mantis Mantis 1.0.0 Rc2Mantis Mantis 1.0.0 Rc3Mantis Mantis 1.0.2Mantis Mantis 1.0.3Mantis Mantis 1.0.0 Rc4Mantis Mantis 1.0.0 Rc5Mantis Mantis 1.0.4Mantis Mantis 1.0.5Mantis Mantis 1.0.0Mantis Mantis 1.0.0a3Mantis Mantis 1.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook