Vulnerabilities > Riverside > Http Headers > 1.7.1

DATE CVE VULNERABILITY TITLE RISK
2023-11-13 CVE-2023-37978 Server-Side Request Forgery (SSRF) vulnerability in Riverside Http Headers
Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11.
network
low complexity
riverside CWE-918
4.9
4.9
2023-08-05 CVE-2023-37874 Cross-site Scripting vulnerability in Riverside Http Headers
Auth.
network
low complexity
riverside CWE-79
4.8
4.8
2023-05-15 CVE-2023-1207 Unspecified vulnerability in Riverside Http Headers
This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability.
network
low complexity
riverside
7.2
7.2