Search Results | AttackerKB

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2024-22143

Disclosure Date: January 31, 2024 (last updated February 03, 2024)

Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check.This issue affects WP Spell Check: from n/a through 9.17.

Attacker Value

Unknown

CVE-2022-2658

Disclosure Date: January 16, 2023 (last updated October 08, 2023)

The WP Spell Check WordPress plugin before 9.13 does not escape ignored words, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2019-6027

Disclosure Date: December 26, 2019 (last updated November 27, 2024)

Cross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1.9 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

Attack Vector: Network Privileges: None User Interaction: Required

3 Total Results

Displaying 1-3 of 3

Unknown

CVE-2024-22143

Unknown

CVE-2022-2658

Unknown

CVE-2019-6027

Quick Cookie Notification