Show filters
36 Total Results
Displaying 31-36 of 36
Sort by:
Attacker Value
Unknown

CVE-2019-15834

Disclosure Date: August 30, 2019 (last updated November 27, 2024)
The webp-converter-for-media plugin before 1.0.3 for WordPress has CSRF.
0
0
Attacker Value
Unknown

CVE-2019-15837

Disclosure Date: August 30, 2019 (last updated November 27, 2024)
The webp-express plugin before 0.14.8 for WordPress has stored XSS.
0
0
Attacker Value
Unknown

CVE-2019-15330

Disclosure Date: August 22, 2019 (last updated November 27, 2024)
The webp-express plugin before 0.14.11 for WordPress has insufficient protection against arbitrary file reading.
0
0
Attacker Value
Unknown

CVE-2016-9969

Disclosure Date: May 23, 2019 (last updated November 27, 2024)
In libwebp 0.5.1, there is a double free bug in libwebpmux.
0
0
Attacker Value
Unknown

CVE-2016-10633

Disclosure Date: June 01, 2018 (last updated November 26, 2024)
dwebp-bin is a dwebp node.js wrapper that convert WebP into PNG. dwebp-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server.
0
0
Attacker Value
Unknown

CVE-2016-9085

Disclosure Date: February 03, 2017 (last updated November 08, 2023)
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous