Alexander Fuchs Php Everywhere vulnerabilities
4 known vulnerabilities affecting alexander_fuchs/php_everywhere.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
3
Severity breakdown
HIGH4
Vulnerabilities
Page 1 of 1
CVE-2022-24665P2HIGHCVSS 8.8Exploited≥ 2.0.3, ≤ 2.0.32022-02-16
CVE-2022-24665 [HIGH] CWE-94 CVE-2022-24665: PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a Wor
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts.
nvd
CVE-2022-24663P2HIGHCVSS 8.8Exploited≥ 2.0.3, ≤ 2.0.32022-02-16
CVE-2022-24663 [HIGH] CWE-94 CVE-2022-24663: PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordP
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user.
nvd
CVE-2022-24664P2HIGHCVSS 8.8Exploited≥ 2.0.3, ≤ 2.0.32022-02-16
CVE-2022-24664 [HIGH] CWE-94 CVE-2022-24664: PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordP
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts.
nvd
CVE-2021-23227P4HIGHCVSS 8.8≥ n/a, ≤ 2.0.22022-01-13
CVE-2021-23227 [HIGH] CWE-352 CVE-2021-23227: Cross-Site Request Forgery (CSRF) vulnerability in Alexander Fuchs PHP Everywhere plugin <= 2.0.2 ve
Cross-Site Request Forgery (CSRF) vulnerability in Alexander Fuchs PHP Everywhere plugin <= 2.0.2 versions.
nvd