Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Insert_php_code_snippet
(Xyzscripts)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-08-15 | CVE-2024-7420 | The Insert PHP Code Snippet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6. This is due to missing or incorrect nonce validation in the /admin/snippets.php file. This makes it possible for unauthenticated attackers to activate/deactivate and delete code snippets via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | Insert_php_code_snippet | 6.5 | ||
| 2024-08-15 | CVE-2024-43275 | Cross-Site Request Forgery (CSRF) vulnerability in xyzscripts.Com Insert PHP Code Snippet.This issue affects Insert PHP Code Snippet: from n/a through 1.3.6. | Insert_php_code_snippet | 8.8 |