Filtered by vendor S-sols
Subscribe
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49740 | 1 S-sols | 1 Seraphinite Accelerator | 2025-01-16 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seraphinite Solutions Seraphinite Accelerator allows Reflected XSS.This issue affects Seraphinite Accelerator: from n/a through 2.20.28. | |||||
| CVE-2023-5611 | 1 S-sols | 1 Seraphinite Accelerator | 2025-01-16 | N/A | 5.3 MEDIUM |
| The Seraphinite Accelerator WordPress plugin before 2.20.32 does not have authorisation and CSRF checks when resetting and importing its settings, allowing unauthenticated users to reset them | |||||
| CVE-2024-1568 | 1 S-sols | 1 Seraphinite Accelerator | 2025-01-16 | N/A | 6.4 MEDIUM |
| The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.52 via the OnAdminApi_HtmlCheck function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | |||||
| CVE-2024-38728 | 1 S-sols | 1 Seraphinite Post .docx Source | 2024-11-21 | N/A | 7.2 HIGH |
| Server-Side Request Forgery (SSRF) vulnerability in Seraphinite Solutions Seraphinite Post .DOCX Source.This issue affects Seraphinite Post .DOCX Source: from n/a through 2.16.9. | |||||
| CVE-2023-5610 | 1 S-sols | 1 Seraphinite Accelerator | 2024-11-21 | N/A | 5.4 MEDIUM |
| The Seraphinite Accelerator WordPress plugin before 2.2.29 does not validate the URL to redirect any authenticated user to, leading to an arbitrary redirect | |||||
| CVE-2023-5609 | 1 S-sols | 1 Seraphinite Accelerator | 2024-11-21 | N/A | 6.1 MEDIUM |
| The Seraphinite Accelerator WordPress plugin before 2.2.29 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | |||||
| CVE-2023-48279 | 1 S-sols | 1 Seraphinite Post .docx Source | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Post .DOCX Source allows Cross Site Request Forgery.This issue affects Seraphinite Post .DOCX Source: from n/a through 2.16.6. | |||||