Vulnerabilities > Verbb

DATE CVE VULNERABILITY TITLE RISK
2020-06-05 CVE-2020-13870 Cross-site Scripting vulnerability in Verbb Comments
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS.
network
low complexity
verbb CWE-79
5.4
2020-06-05 CVE-2020-13869 Cross-site Scripting vulnerability in Verbb Comments
An issue was discovered in the Comments plugin before 1.5.6 for Craft CMS.
network
low complexity
verbb CWE-79
5.4
2020-06-05 CVE-2020-13868 Cross-Site Request Forgery (CSRF) vulnerability in Verbb Comments
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS.
network
low complexity
verbb CWE-352
6.5
2020-05-25 CVE-2020-13486 Open Redirect vulnerability in Verbb Knock
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
network
low complexity
verbb CWE-601
6.1
2020-05-25 CVE-2020-13485 Incorrect Comparison vulnerability in Verbb Knock
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
network
low complexity
verbb CWE-697
critical
9.1
2020-05-25 CVE-2020-13459 Cross-site Scripting vulnerability in Verbb Image Resizer
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS.
network
low complexity
verbb CWE-79
5.4
2020-05-25 CVE-2020-13458 Cross-Site Request Forgery (CSRF) vulnerability in Verbb Image Resizer
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS.
network
low complexity
verbb CWE-352
8.8