5 matches found
CVE-2024-1976
creationtimestamp| type| source ---|---|--- 2024-02-29 07:22:11+00:00| seen| https://t.me/ctinow/196282 2024-02-29 07:26:54+00:00| seen| https://t.me/ctinow/196299...
CVE-2024-1976
The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...
CVE-2024-1976
CVE-2024-1976 : Marketing Optimizer (WordPress plugin) is vulnerable to Cross-Site Request Forgery that can lead to Stored Cross-Site Scripting via admin/main-settings-page.php. The issue arises from missing or incorrect nonce validation, allowing unauthenticated attackers to update plugin settin...
CVE-2024-1976 Marketing Optimizer <= 20200925 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...
WordPress Marketing Optimizer Plugin <= 20200925 is vulnerable to Cross Site Request Forgery (CSRF)
Software Marketing Optimizer Type Plugin Vulnerable versions = 20200925 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1976 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 0dafd9769ab2 Credits suzuki kaito...