Cookie Consent by Free Privacy Policy Generator website CVE-2022-2600 | Auto-hyperlink URLs Plugin up to 5.4.1 on WordPress unknown vulnerability u

Portal Nachrichten

WIRKLICH FIXED: RSS feeds abonnieren!!!


➠ CVE-2022-2600 | Auto-hyperlink URLs Plugin up to 5.4.1 on WordPress unknown vulnerability

A vulnerability classified as problematic was found in Auto-hyperlink URLs Plugin up to 5.4.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to use of web link to untrusted target with window.opener access. This vulnerability is known as CVE-2022-2600. The attack can be launched remotely. There is no exploit available....


➦ Sicherheitslücken / Exploits ☆ vuldb.com

➠ Komplette Nachricht lesen


Zur Startseite

➤ Ähnliche Beiträge für 'CVE-2022-2600 | Auto-hyperlink URLs Plugin up to 5.4.1 on WordPress unknown vulnerability'

Stored XSS and information exposure via wp-mail.php

vom 1700.87 Punkte
User authentication is not properly checked when the WordPress mail is run to prevent stored XSS. Additionally, adding email addresses from post-by-email logs are creating potential for information exposure vulnerability. This vulnerability affects t

Open redirect in wp_nonce_ays

vom 1700.33 Punkte
The WordPress HTTP referer is not properly validated when a user is redirected. This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 WordPress 3.7

Stored XSS via comment editing

vom 1697.16 Punkte
Missing adequate checks during comment editing can lead to stored XSS attacks. This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 WordPress 3.7

Leak in content from multipart emails and reverting shared objects for current user

vom 1697.16 Punkte
Reset PHPMailer properties between use to prevent information disclosure and revert shared objects for the current user to also prevent information disclosure This vulnerability affects the following application versions: WordPress 3.6

CSRF in wp-trackback.php

vom 1697.16 Punkte
Missing authentication settings can lead to CSRF attacks This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 WordPress 3.7 WordPress 3.7.

Android Auto im Test: Funktionen, Apps, Auto-Hersteller, Varianten

vom 1634.78 Punkte
Android Auto ist Googles Lösung zur Integration von Android-Smartphones in das Infotainmentsystem eines modernen PKW. Es hat das ältere Mirrorlink längst verdrängt und ist ein Konkurrent zu Carplay, mit dem Apple seine iPhones in das Auto einbindet. Wir stellen in diesem Artikel alle Aspekte und Var

XSS vulnerability on the plugins screen

vom 1621.59 Punkte
The plugins screen is not properly escaped to prevent an XSS attack. This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 WordPress 3.7 WordPress 3.7.

SQL injection within the link API

vom 1621.05 Punkte
The link API in the bookmark is not properly checked against an SQL injection. This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 WordPress 3.7

Output escaping issue within the_meta()

vom 1621.05 Punkte
A variable in the_meta() function is not properly escaped to prevent an XSS attack. This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 WordPress 3.7

Object injection in some multisite installations

vom 1465.66 Punkte
The multisite installation of WordPress is not properly sanitized to prevent object injection via the upgrade process. This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1

SQL injection vulnerability in WP_Query

vom 1463.03 Punkte
Missing sanitization can lead to SQL injection in WP_Tax_Query This vulnerability affects the following application versions: WordPress 3.6 WordPress 3.6.1 WordPress 3.7 WordPress 3.7.

[CVE-2020-36326 - CVE-2018-19296] Object injection in PHPMailer

vom 1345.05 Punkte
CVE-2020-36326 - An external file could be unexpectedly executable if it was used as a path to an attachment file via PHP's support for .phar files`. Exploitation requires that an attacker was able to provide an unfiltered path to a file to attach. CVE-2018-19296 - Was vuln

Team Security Diskussion über CVE-2022-2600 | Auto-hyperlink URLs Plugin up to 5.4.1 on WordPress unknown vulnerability