Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:9 a.m.4 views

CVE-2023-2286

The WP Activity Log for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This is due to missing or incorrect nonce validation on the ajaxruncleanup function. This makes it possible for unauthenticated attackers to invoke this function via a forged...

4.3CVSS5.3AI score0.00296EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/09 1:15 p.m.2 views

CVE-2023-2286

The WP Activity Log for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This is due to missing or incorrect nonce validation on the ajaxruncleanup function. This makes it possible for unauthenticated attackers to invoke this function via a forged...

4.3CVSS5.8AI score0.00296EPSS
Exploits0References4
Prion
Prion
added 2023/06/09 1:15 p.m.26 views

Cross site request forgery (csrf)

The WP Activity Log for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This is due to missing or incorrect nonce validation on the ajaxruncleanup function. This makes it possible for unauthenticated attackers to invoke this function via a forged...

4.3CVSS4.2AI score0.00296EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/09 12:0 a.m.6 views

PT-2023-18734 · WordPress · Wp Activity Log

Name of the Vulnerable Software and Affected Versions: WP Activity Log for WordPress versions up to, and including, 4.5.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the ajax run cleanup function. This allows unauthenticated...

4.3CVSS5.3AI score0.00296EPSS
Exploits0References6
Rows per page
Query Builder