Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:49 p.m.4 views

CVE-2021-4421

The Advanced Popups plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the metaboxpopupsave function. This makes it possible for unauthenticated attackers to save meta tags via a forged...

4.3CVSS5.8AI score0.0035EPSS
Exploits0References1
OSV
OSV
added 2023/07/12 7:15 a.m.2 views

CVE-2021-4421

The Advanced Popups plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the metaboxpopupsave function. This makes it possible for unauthenticated attackers to save meta tags via a forged...

4.3CVSS5.6AI score0.0035EPSS
Exploits0References9
Prion
Prion
added 2023/07/12 7:15 a.m.10 views

Cross site request forgery (csrf)

The Advanced Popups plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the metaboxpopupsave function. This makes it possible for unauthenticated attackers to save meta tags via a forged...

4.3CVSS4.3AI score0.0035EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/12 6:52 a.m.19 views

CVE-2021-4421 Advanced Popups <= 1.1.1 - Cross-Site Request Forgery Bypass

The Advanced Popups plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the metaboxpopupsave function. This makes it possible for unauthenticated attackers to save meta tags via a forged...

4.3CVSS5.8AI score0.0035EPSS
Exploits0References9
Cvelist
Cvelist
added 2023/07/12 6:52 a.m.23 views

CVE-2021-4421 Advanced Popups <= 1.1.1 - Cross-Site Request Forgery Bypass

The Advanced Popups plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the metaboxpopupsave function. This makes it possible for unauthenticated attackers to save meta tags via a forged...

4.3CVSS4.6AI score0.0035EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.5 views

WordPress Plugin Advanced Popups 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

4.3CVSS4.8AI score0.0035EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/07/12 12:0 a.m.4 views

PT-2023-12535 · WordPress · Advanced Popups

Name of the Vulnerable Software and Affected Versions: Advanced Popups plugin for WordPress versions up to, and including, 1.1.1 Description: The issue is due to missing or incorrect nonce validation on the metabox popup save function, making it possible for unauthenticated attackers to save meta...

4.3CVSS4.5AI score0.0035EPSS
Exploits0References12
Patchstack
Patchstack
added 2021/06/21 12:0 a.m.20 views

WordPress Advanced Popups plugin <= 1.1.1 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by Jerome Bruandet NinTechNet in WordPress Advanced Popups plugin versions = 1.1.1. Solution Update the WordPress Advanced Popups plugin to the latest available version at least 1.1.2...

2.7AI score
Exploits0References2Affected Software1
Rows per page
Query Builder