ReportizFlow
Filtered by vendor Verbb
Subscriptions
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-13870 | 1 Verbb | 1 Comments | 2024-11-21 | 5.4 Medium |
| An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. There is stored XSS via an asset volume name. | ||||
| CVE-2020-13869 | 1 Verbb | 1 Comments | 2024-11-21 | 5.4 Medium |
| An issue was discovered in the Comments plugin before 1.5.6 for Craft CMS. There is stored XSS via a guest name. | ||||
| CVE-2020-13868 | 1 Verbb | 1 Comments | 2024-11-21 | 6.5 Medium |
| An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. CSRF affects comment integrity. | ||||
| CVE-2020-13486 | 1 Verbb | 1 Knock Knock | 2024-11-21 | 6.1 Medium |
| The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection. | ||||
| CVE-2020-13485 | 1 Verbb | 1 Knock Knock | 2024-11-21 | 9.1 Critical |
| The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header. | ||||
| CVE-2020-13459 | 1 Verbb | 1 Image Resizer | 2024-11-21 | 5.4 Medium |
| An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action. | ||||
| CVE-2020-13458 | 1 Verbb | 1 Image Resizer | 2024-11-21 | 8.8 High |
| An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action. | ||||
Page 1 of 1.