Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-29436: Code Snippets Extended

Persistent Cross-Site Scripting (XSS) vulnerability in Alexander Stokmann’s Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery (vulnerable parameters &title, &snippet_code).

CVE
Open in Source
#xss#vulnerability#wordpress#php
  • Details
  • Reviews
  • Support
  • Development

This plugin has been closed as of May 17, 2022 and is not available for download. This closure is temporary, pending a full review.

Simple, with preview and versatile.

Nice idea of a plugin. Sadly however php code doesn’t work. Even the provided examples are not running as the " are all escaped. Too bad 🙁

allows us to add php anywhere using shortcodes. No more messing with functions.php file, making custom page templates or spawning child themes for a bit of custom logic. AMAZING

Thank you for this plugin! Helps me a lot!

I’ve tried several plugins to be able to add code easily and this one has always been the best experience of all. Surprised it isn’t more popular!

Very very good! Using a very simple and a good helper!

Read all 10 reviews

“Code Snippets Extended” is open source software. The following people have contributed to this plugin.

Contributors

  • aftamat4ik

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE