Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Wpmk Ajax Finder Project Subscribe
Filtered by product Wpmk Ajax Finder
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1749 1 Wpmk Ajax Finder Project 1 Wpmk Ajax Finder 2022-06-21 6.8 MEDIUM 8.8 HIGH
The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createplugin_atf_admin_setting_page() function found in the ~/inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.1.