Wpchef

wpchef

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Widget Logic

widget_logic

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-12826 1Wpchef 1Widget Logic Jun 17, 2026 Jul 1, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A Cross-Site-Request-Forgery (CSRF) vulnerability in widget_logic.php in the 2by2host Widget Logic plugin before 5.10.2 for WordPress allows remote attackers to execute PHP code via snippets (that are attached to widgets...Show more A Cross-Site-Request-Forgery (CSRF) vulnerability in widget_logic.php in the 2by2host Widget Logic plugin before 5.10.2 for WordPress allows remote attackers to execute PHP code via snippets (that are attached to widgets and then eval'd to dynamically determine their visibility) by crafting a malicious POST request that tricks administrators into adding the code.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2019-12826

1Wpchef

1Widget Logic

Jun 17, 2026

Jul 1, 2019

N/A· v4

8.8 HIGH· v3

6.8 MEDIUM· v2

A Cross-Site-Request-Forgery (CSRF) vulnerability in widget_logic.php in the 2by2host Widget Logic plugin before 5.10.2 for WordPress allows remote attackers to execute PHP code via snippets (that are attached to widgets and then eval'd to dynamically determine their visibility) by crafting a malicious POST request that tricks administrators into adding the code.Show less