Filtered by vendor Riverside Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-37978 1 Riverside 1 Http Headers 2024-11-21 4.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11.
CVE-2023-37874 1 Riverside 1 Http Headers 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dimitar Ivanov HTTP Headers plugin <= 1.18.11 versions.
CVE-2023-1208 1 Riverside 1 Http Headers 2024-11-21 7.2 High
This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability.
CVE-2023-1207 1 Riverside 1 Http Headers 2024-11-21 7.2 High
This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability.