CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Cross-Site Request Forgery (CSRF) vulnerability in Ali Irani Auto Upload Images plugin <= 3.3 versions allows Stored Cross-Site Scripting (XSS).

**Solution**

Fixed 

Update the WordPress Auto Upload Images plugin to the latest available version (at least 3.3.1).

Rasi discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Auto Upload Images Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has been fixed in version 3.3.1.

**No other known vulnerabilities for this plugin**Report

**Report to Patchstack Alliance bounty platform and earn monthly cash prizes.**

Learn more

CVE-2022-42880: WordPress Auto Upload Images plugin <= 3.3 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) - Patchstack

Headline

CVE-2022-42880: WordPress Auto Upload Images plugin <= 3.3 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) - Patchstack

CVE: Latest News