CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Draftpress 1Header Footer Code Manager Jun 17, 2026 Oct 3, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in 99robots Header Footer Code Manager plugin <= 1.1.34 versions. |
1Draftpress 1Header Footer Code Manager Jun 17, 2026 Jul 25, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting. |
1Draftpress 1Header Footer Code Manager Jun 17, 2026 Feb 24, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Header Footer Code Manager plugin <= 1.1.16 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter. |
1Draftpress 1Header Footer Code Manager Jun 17, 2026 Nov 8, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, lead...Show more |