Vulnerabilities > Davidjmiller

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-14	CVE-2024-3971	Cross-Site Request Forgery (CSRF) vulnerability in Davidjmiller Similarity 3.0 The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack network low complexity davidjmiller CWE-352	4.3
2024-06-14	CVE-2024-3972	Cross-Site Request Forgery (CSRF) vulnerability in Davidjmiller Similarity 3.0 The Similarity WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack network low complexity davidjmiller CWE-352	4.3
2024-01-16	CVE-2023-7083	Cross-Site Request Forgery (CSRF) vulnerability in Davidjmiller Voting Record The Voting Record WordPress plugin through 2.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack network low complexity davidjmiller CWE-352	5.4
2024-01-16	CVE-2023-7084	Cross-site Scripting vulnerability in Davidjmiller Voting Record The Voting Record WordPress plugin through 2.0 is missing sanitisation as well as escaping, which could allow any authenticated users, such as subscriber to perform Stored XSS attacks network low complexity davidjmiller CWE-79	5.4

Vulnerabilities > Davidjmiller {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Davidjmiller"}]}