📦

sniplets_plugin

Vendor: wordpress

Actively Exploited 0 CISA KEV List

PoC / Exploits 3 Code Available

Total RCEs 2 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 5.07% Exploit Prob.

Latest CVE CVE-2008-1059 Feb 28

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2008-1059

RCE Exploit Found

PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.

EPSS: 0.19%

Severity: HIGH

Feb 28, 2008

7.5 CVSS

CVE-2008-1060

RCE Exploit Found

Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via the text parameter.

EPSS: 14.87%

Severity: HIGH

Feb 28, 2008

4.3 CVSS

CVE-2008-1061

Exploit Found

Multiple cross-site scripting (XSS) vulnerabilities in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) text parameter to (a) warning.php, (b) notice.php, and (c) inset.php in view/sniplets/, and possibly (d) modules/execute.php; the (2) url parameter to (e) view/admin/submenu.php; and the (3) page parameter to (f) view/admin/pager.php.

EPSS: 0.16%

Severity: MEDIUM

Feb 28, 2008

Displaying 3 of 3 Total Entries

Total 1 Sections