Vulnerabilities > Qurl
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-10 | CVE-2015-10100 | SQL Injection vulnerability in Qurl Dynamic Widgets A vulnerability, which was classified as critical, has been found in Dynamic Widgets Plugin up to 1.5.10 on WordPress. | 9.8 |
2019-09-26 | CVE-2015-9437 | Cross-Site Request Forgery (CSRF) vulnerability in Qurl Dynamic Widgets The dynamic-widgets plugin before 1.5.11 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=dynwid-config page_limit parameter. | 4.3 |
2019-09-26 | CVE-2015-9436 | Cross-site Scripting vulnerability in Qurl Dynamic Widgets The dynamic-widgets plugin before 1.5.11 for WordPress has XSS via the wp-admin/admin-ajax.php?action=term_tree prefix or widget_id parameter. | 3.5 |