Search Results | AttackerKB

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2022-24664

Disclosure Date: February 16, 2022 (last updated October 07, 2023)

PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts.

Attacker Value

Unknown

CVE-2022-24665

Disclosure Date: February 16, 2022 (last updated October 07, 2023)

PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2022-24663

Disclosure Date: February 16, 2022 (last updated October 07, 2023)

PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2021-23227

Disclosure Date: January 13, 2022 (last updated November 08, 2023)

Cross-Site Request Forgery (CSRF) vulnerability in Alexander Fuchs PHP Everywhere plugin <= 2.0.2 versions.

Attack Vector: Network Privileges: None User Interaction: Required

4 Total Results

Displaying 1-4 of 4

Unknown

CVE-2022-24664

Unknown

CVE-2022-24665

Unknown

CVE-2022-24663

Unknown

CVE-2021-23227

Quick Cookie Notification