67 matches found
CVE-2024-31350
Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...
CVE-2024-31350
Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...
CVE-2024-31350
CVE-2024-31350 affects the WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds up to version 4.3.1. It is a missing authorization vulnerability exposing unauthorized actions. Remediation: upgrade to a version later than 4.3.1.
CVE-2024-31350 WordPress AWP Classifieds plugin <= 4.3.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...
PT-2024-23994 · Unknown · Awp Classifieds
Name of the Vulnerable Software and Affected Versions: AWP Classifieds versions 4.3.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds. Recommendations: For versions 4.3.1 and earlier, update to a version later than 4.3...
WordPress plugin AWP Classifieds security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
AWP Classifieds < 4.3.2 - Cross-Site Request Forgery
Description The AWP Classifieds plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.1. This is due to missing or incorrect nonce validation on the ajax function. This makes it possible for unauthenticated attackers to edit balances via a forged...
CVE-2024-32447
Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...
CVE-2024-32447
CVE-2024-32447 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WordPress Classifieds (AWP Classifieds), affecting versions up to 4.3.1. The vulnerability is documented as a CSRF issue in AWP Classifieds (WordPress Classifieds Plugin – Ad Directory & Listings by...
CVE-2024-32447 WordPress AWP Classifieds plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...
CVE-2024-32447 WordPress AWP Classifieds plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...
WordPress AWP Classifieds plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin AWP Classifieds versions = 4.3.1...
WordPress AWP Classifieds Plugin <= 4.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software AWP Classifieds Type Plugin Vulnerable versions = 4.3.1 Fixed in 4.3.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32447 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3cf46b4fcbdc Credits Peng Zhou Required...
AWP Classifieds < 4.3.2 - Missing Authorization
Description The AWP Classifieds plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 4.3.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized...
WordPress AWP Classifieds plugin <= 4.3.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin AWP Classifieds versions = 4.3.1...
WordPress AWP Classifieds Plugin <= 4.3.1 is vulnerable to Broken Access Control
Software AWP Classifieds Type Plugin Vulnerable versions = 4.3.1 Fixed in 4.3.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31350 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID a2e0652e7562 Credits Abdi Pranata Required...
AWP Classifieds < 4.3.1 - Categories Mgt via CSRF
Description The plugin does not have CSRF checks when managing categories such as deleting, updating etc, which could allow attackers to make logged in admins perform such actions via CSRF attacks...
CVE-2023-41801
Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin = 4.3 versions...
CVE-2023-41801
Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin = 4.3 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin = 4.3 versions...