Filtered by vendor Hermit Project
Subscriptions
Filtered by product Hermit
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-29413 | 1 Hermit Project | 1 Hermit | 2024-09-17 | 4.7 Medium |
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit 音乐播放器 plugin <= 3.1.6 on WordPress via &title parameter. | ||||
CVE-2022-29411 | 1 Hermit Project | 1 Hermit | 2024-09-17 | 8.3 High |
SQL Injection (SQLi) vulnerability in Mufeng's Hermit 音乐播放器 plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id). | ||||
CVE-2022-29410 | 1 Hermit Project | 1 Hermit | 2024-09-16 | 7.4 High |
Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit 音乐播放器 plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids). | ||||
CVE-2022-29412 | 1 Hermit Project | 1 Hermit | 2024-09-16 | 5.4 Medium |
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit 音乐播放器 plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source. |
Page 1 of 1.