Filtered by vendor Anti-malware Security And Brute-force Firewall Project
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2599 | 1 Anti-malware Security And Brute-force Firewall Project | 1 Anti-malware Security And Brute-force Firewall | 2024-11-21 | N/A | 6.1 MEDIUM |
| The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.21.83 does not sanitise and escape some parameters before outputting them back in an admin dashboard, leading to Reflected Cross-Site Scripting | |||||
| CVE-2021-25101 | 1 Anti-malware Security And Brute-force Firewall Project | 1 Anti-malware Security And Brute-force Firewall | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.94 does not sanitise and escape the POST data before outputting it back in attributes of an admin page, leading to a Reflected Cross-Site scripting. Due to the presence of specific parameter value, available to admin users, this can only be exploited by an admin against another admin user. | |||||