Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24665 | 1 Php Everywhere Project | 1 Php Everywhere | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts. | |||||
| CVE-2022-24663 | 1 Php Everywhere Project | 1 Php Everywhere | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user. | |||||
| CVE-2022-24664 | 1 Php Everywhere Project | 1 Php Everywhere | 2024-02-04 | 4.0 MEDIUM | 8.8 HIGH |
| PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts. | |||||
| CVE-2021-23227 | 1 Php Everywhere Project | 1 Php Everywhere | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Alexander Fuchs PHP Everywhere plugin <= 2.0.2 versions. | |||||