Filtered by vendor Hermit Project
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-29412 | 1 Hermit Project | 1 Hermit | 2023-01-30 | 5.8 MEDIUM | 5.4 MEDIUM |
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source. | |||||
CVE-2022-29411 | 1 Hermit Project | 1 Hermit | 2023-01-30 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id). | |||||
CVE-2022-29410 | 1 Hermit Project | 1 Hermit | 2023-01-30 | 6.5 MEDIUM | 8.8 HIGH |
Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids). | |||||
CVE-2022-29413 | 1 Hermit Project | 1 Hermit | 2023-01-30 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress via &title parameter. |