openSUSE Security Advisory (SUSE-SU-2024:1777-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-1777

creationtimestamp| type| source ---|---|--- 2024-02-23 08:26:50+00:00| seen| https://t.me/ctinow/191522 2024-02-23 08:31:40+00:00| seen| https://t.me/ctinow/191527 2024-03-13 16:11:54+00:00| seen| https://t.me/ctinow/206834...

CVE-2024-1777

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the settings update function. This makes it possible for unauthenticated attackers t...

CVE-2024-1777

CVE-2024-1777 concerns the WordPress plugin “Admin side data storage for Contact Form 7.” The vulnerability is a Cross-Site Request Forgery (CSRF) caused by missing or incorrect nonce validation on the plugin’s settings update function, enabling unauthenticated attackers to alter plugin settings ...

CVE-2024-1777 Admin side data storage for Contact Form 7 <= 1.1.1 - Cross-Site Request Forgery

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the settings update function. This makes it possible for unauthenticated attackers t...