Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown

CVE-2023-37978

Disclosure Date: November 13, 2023 (last updated November 18, 2023)
Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-37874

Disclosure Date: August 05, 2023 (last updated October 08, 2023)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dimitar Ivanov HTTP Headers plugin <= 1.18.11 versions.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-1208

Disclosure Date: July 10, 2023 (last updated October 08, 2023)
This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-1207

Disclosure Date: May 15, 2023 (last updated October 08, 2023)
This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0