Davidjmiller

davidjmiller

4 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-3972 1Davidjmiller 1Similarity Jun 17, 2026 Jun 14, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Similarity WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF...Show more The Similarity WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attackShow less
CVE-2024-3971 1Davidjmiller 1Similarity Jun 17, 2026 Jun 14, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack
CVE-2023-7084 1Davidjmiller 1Voting Record Jun 17, 2026 Jan 16, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Voting Record WordPress plugin through 2.0 is missing sanitisation as well as escaping, which could allow any authenticated users, such as subscriber to perform Stored XSS attacks
CVE-2023-7083 1Davidjmiller 1Voting Record Jun 17, 2026 Jan 16, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Voting Record WordPress plugin through 2.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a C...Show more The Voting Record WordPress plugin through 2.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attackShow less