Lucene search
K

8806 matches found

Prion
Prion
added 2023/04/20 6:15 p.m.17 views

Cross site request forgery (csrf)

Form block is a wordpress plugin designed to make form creation easier. Versions prior to 1.0.2 are subject to a Cross-Site Request Forgery due to a missing nonce check. There is potential for a Cross Site Request Forgery for all form blocks, since it allows to send requests to the forms from any...

4.3CVSS6.5AI score0.00295EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/20 5:14 p.m.6 views

CVE-2023-30616 Cross Site Request Forgery due to missing nonce verification in form block

Form block is a wordpress plugin designed to make form creation easier. Versions prior to 1.0.2 are subject to a Cross-Site Request Forgery due to a missing nonce check. There is potential for a Cross Site Request Forgery for all form blocks, since it allows to send requests to the forms from any...

6.5CVSS6.6AI score0.00295EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/20 12:0 a.m.6 views

PT-2023-22813 · WordPress · Form Block

Name of the Vulnerable Software and Affected Versions: Form block versions prior to 1.0.2 Description: The Form block WordPress plugin is subject to a Cross-Site Request Forgery CSRF due to a missing nonce check. This allows requests to be sent to forms from any website without the user's...

6.5CVSS6.4AI score0.00295EPSS
Exploits0References7
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.15 views

Reservation.Studio widget < 1.0.12 - Cross-Site Request Forgery

The plugin does not properly validate requests use nonces, leading to a Cross-Site Request Forgery CSRF vulnerability...

8.8CVSS8.3AI score0.00269EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2023/04/13 1:2 p.m.4 views

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take...

6.7AI score
Exploits0
CNNVD
CNNVD
added 2023/04/12 12:0 a.m.4 views

WordPress plugin Wicked Folders 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

5.4CVSS6.2AI score0.00297EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/04/06 9:15 p.m.2 views

CVE-2023-1927

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCssAndJsCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References4
OSV
OSV
added 2023/04/06 9:15 p.m.4 views

CVE-2023-1927

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCssAndJsCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache...

4.3CVSS6.5AI score0.00227EPSS
Exploits0References2
Prion
Prion
added 2023/04/06 9:15 p.m.18 views

Cross site request forgery (csrf)

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCssAndJsCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache...

4.3CVSS4.2AI score0.00227EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/04/06 8:15 p.m.2 views

CVE-2023-1920

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpurgecachevarnishcallback function. This makes it possible for unauthenticated attackers to purge the...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/04/06 8:15 p.m.2 views

CVE-2023-1925

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcclearcacheofallsitescallback function. This makes it possible for unauthenticated attackers to clear cache...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References4
OSV
OSV
added 2023/04/06 8:15 p.m.2 views

CVE-2023-1918

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpreloadsinglecallback function. This makes it possible for unauthenticated attackers to invoke a cache...

4.3CVSS6.5AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/04/06 8:15 p.m.1 views

CVE-2023-1923

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcremovecdnintegrationajaxrequestcallback function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References4
NVD
NVD
added 2023/04/06 8:15 p.m.15 views

CVE-2023-1925

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcclearcacheofallsitescallback function. This makes it possible for unauthenticated attackers to clear cache...

4.3CVSS4.2AI score0.00227EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/04/06 8:15 p.m.3 views

CVE-2023-1918

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpreloadsinglecallback function. This makes it possible for unauthenticated attackers to invoke a cache...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References4
OSV
OSV
added 2023/04/06 8:15 p.m.3 views

CVE-2023-1925

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcclearcacheofallsitescallback function. This makes it possible for unauthenticated attackers to clear cache...

4.3CVSS7.2AI score0.00227EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/04/06 8:15 p.m.1 views

CVE-2023-1926

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache deletion vi...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References4
NVD
NVD
added 2023/04/06 8:15 p.m.22 views

CVE-2023-1926

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the deleteCacheToolbar function. This makes it possible for unauthenticated attackers to perform cache deletion vi...

4.3CVSS4.2AI score0.00227EPSS
Exploits0References2
NVD
NVD
added 2023/04/06 8:15 p.m.21 views

CVE-2023-1918

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpreloadsinglecallback function. This makes it possible for unauthenticated attackers to invoke a cache...

4.3CVSS4.2AI score0.00227EPSS
Exploits0References2
NVD
NVD
added 2023/04/06 8:15 p.m.11 views

CVE-2023-1920

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpurgecachevarnishcallback function. This makes it possible for unauthenticated attackers to purge the...

4.3CVSS4.2AI score0.00227EPSS
Exploits0References2
Rows per page
Query Builder