Search Results | AttackerKB

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2022-25617

Disclosure Date: May 18, 2022 (last updated February 23, 2025)

Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter.

Attacker Value

Unknown

CVE-2021-25008

Disclosure Date: January 24, 2022 (last updated February 23, 2025)

The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2020-8417

Disclosure Date: January 28, 2020 (last updated February 21, 2025)

The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu.

Attack Vector: Network Privileges: None User Interaction: Required

3 Total Results

Displaying 1-3 of 3

Unknown

CVE-2022-25617

Unknown

CVE-2021-25008

Unknown

CVE-2020-8417

Quick Cookie Notification