VYPR

Htaccess

by Bestwebsoft

CVEs (2)

  • CVE-2017-2171MedMay 22, 2017
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom…

  • CVE-2020-8658Feb 6, 2020
    risk 0.00cvss epss 0.10

    The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF. The flag htccss_nonce_name passes the nonce to WordPress but the plugin does not validate it correctly, resulting in a wrong implementation of…