Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-23227 | 1 Php Everywhere Project | 1 Php Everywhere | 2023-03-13 | 6.8 MEDIUM | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in Alexander Fuchs PHP Everywhere plugin <= 2.0.2 versions. | |||||
CVE-2022-24664 | 1 Php Everywhere Project | 1 Php Everywhere | 2022-02-24 | 4.0 MEDIUM | 8.8 HIGH |
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts. | |||||
CVE-2022-24665 | 1 Php Everywhere Project | 1 Php Everywhere | 2022-02-24 | 6.5 MEDIUM | 8.8 HIGH |
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts. | |||||
CVE-2022-24663 | 1 Php Everywhere Project | 1 Php Everywhere | 2022-02-24 | 6.5 MEDIUM | 8.8 HIGH |
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user. |