Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2024-7429
Disclosure Date: November 05, 2024 (last updated November 09, 2024)
The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and including, 7.3.12. This makes it possible for authenticated attackers, with Contributor-level access and above, to reset the plugin's settings.
0
Attacker Value
Unknown
CVE-2024-47621
Disclosure Date: October 05, 2024 (last updated October 06, 2024)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Katie Seaborn Zotpress allows Stored XSS.This issue affects Zotpress: from n/a through 7.3.10.
0
Attacker Value
Unknown
CVE-2024-34569
Disclosure Date: May 08, 2024 (last updated May 08, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Katie Seaborn Zotpress allows Stored XSS.This issue affects Zotpress: from n/a through 7.3.9.
0
Attacker Value
Unknown
CVE-2024-30488
Disclosure Date: March 29, 2024 (last updated January 05, 2025)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Katie Seaborn Zotpress.This issue affects Zotpress: from n/a through 7.3.7.
0
Attacker Value
Unknown
CVE-2023-46313
Disclosure Date: October 31, 2023 (last updated November 08, 2023)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Katie Seaborn Zotpress plugin <= 7.3.4 versions.
0
Attacker Value
Unknown
CVE-2023-32961
Disclosure Date: June 12, 2023 (last updated October 08, 2023)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Katie Seaborn Zotpress plugin <= 7.3.3 versions.
0
Attacker Value
Unknown
CVE-2016-1000217
Disclosure Date: October 06, 2016 (last updated November 25, 2024)
Zotpress plugin for WordPress SQLi in zp_get_account()
0
