CVE-2023-26516

Cross-Site Request Forgery CSRF vulnerability in WPIndeed Debug Assistant plugin = 1.4 versions...

CVE-2023-26516 WordPress Debug Assistant Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WPIndeed Debug Assistant plugin = 1.4 versions...

CVE-2023-26516

CVE-2023-26516 is a CSRF vulnerability in the WordPress WPIndeed Debug Assistant plugin (versions ≤ 1.4). The described root cause is unauthorized CSRF execution that can affect unauthenticated users, with impacts stated as high confidentiality, integrity, and availability by CVSS 3.1 metrics (8....

WordPress Debug Assistant Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Debug Assistant Type Plugin Vulnerable versions = 1.4 Fixed in 1.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-26516 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 29fe448c29d4 Credits Prasanna V Balaji...

CVE-2022-26516

Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment...

CVE-2022-26516 ICSA-22-104-03 Red Lion DA50N

Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment...

CVE-2022-26516

CVE-2022-26516 affects Red Lion DA50N gateways. The weakness is Insufficient Verification of Data Authenticity (web UI update process), allowing an authorized user to install a maliciously modified package file if it’s sourced from unauthorized or compromised files between download and deployment...

Red Lion DA50N

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Red Lion Equipment: DA50N Vulnerabilities: Insufficient Verification of Data Authenticity, Weak Password Requirements, Use of Unmaintained Third-Party Components, Insufficiently Protected Credentials 2...

CVE-2020-26516

The CVE-2020-26516 issue affects Intland codeBeamer ALM (versions 10.x through 10.1.SP4). The root cause is missing CSRF tokens in requests that trigger server actions, allowing crafted requests to cause a victim’s browser to perform undesired actions within the web application. The NVD entry lis...