Codesnippets Code Snippets vulnerabilities
3 known vulnerabilities affecting codesnippets/code_snippets.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-25008P3MEDIUMCVSS 6.1PoCfixed in 2.14.32022-01-24
CVE-2021-25008 [MEDIUM] CWE-79 CVE-2021-25008: The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter be
The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue
nvd
CVE-2020-8417P3HIGHCVSS 8.8fixed in 2.14.02020-01-28
CVE-2020-8417 [HIGH] CWE-352 CVE-2020-8417: The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer ch
The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu.
nvd
CVE-2022-25617P4MEDIUMCVSS 6.1≤ 2.14.32022-05-18
CVE-2022-25617 [MEDIUM] CWE-79 CVE-2022-25617: Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress vi
Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter.
nvd