Filtered by vendor Ciphercoin
Subscribe
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-4303 | 1 Ciphercoin | 1 Wp Limit Login Attempts | 2023-01-31 | N/A | 7.5 HIGH |
| The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based restrictions on login forms. | |||||
| CVE-2022-3634 | 1 Ciphercoin | 1 Contact Form 7 Database Addon | 2022-11-23 | N/A | 9.8 CRITICAL |
| The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when output it back in a CSV file, which could lead to CSV injection | |||||
| CVE-2021-24144 | 1 Ciphercoin | 1 Contact Form 7 Database Addon | 2022-11-14 | 6.8 MEDIUM | 7.8 HIGH |
| Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone to a vulnerability that lets remote attackers inject arbitrary formulas into CSV files. | |||||
| CVE-2021-36886 | 1 Ciphercoin | 1 Contact Form 7 Database Addon | 2022-11-14 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.5.9). | |||||
| CVE-2021-36885 | 1 Ciphercoin | 1 Contact Form 7 Database Addon | 2022-11-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.6.1). | |||||
| CVE-2015-6829 | 1 Ciphercoin | 1 Wp Limit Login Attempts | 2015-09-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin before 2.0.1 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header. | |||||