Skip to main content

Code Snippets

3 CVEs product

Monthly

CVE-2023-47666 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Code Snippets Pro Code Snippets.5.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Code Snippets
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-25617 MEDIUM This Month

Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Code Snippets
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-8417 HIGH POC THREAT This Week

The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Code Snippets
NVD
CVSS 3.1
8.8
EPSS
11.9%
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Code Snippets Pro Code Snippets.5.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Code Snippets
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Code Snippets
NVD
EPSS 12% CVSS 8.8
HIGH POC THREAT This Week

The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Code Snippets
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy