Lucene search
K

67 matches found

NVD
NVD
added 2024/06/09 6:15 p.m.20 views

CVE-2024-31350

Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...

8.8CVSS0.00323EPSS
Exploits0References1
OSV
OSV
added 2024/06/09 6:15 p.m.2 views

CVE-2024-31350

Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...

8.8CVSS5.8AI score0.00323EPSS
Exploits0References1
CVE
CVE
added 2024/06/09 6:4 p.m.57 views

CVE-2024-31350

CVE-2024-31350 affects the WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds up to version 4.3.1. It is a missing authorization vulnerability exposing unauthorized actions. Remediation: upgrade to a version later than 4.3.1.

8.8CVSS5AI score0.00323EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/09 6:4 p.m.25 views

CVE-2024-31350 WordPress AWP Classifieds plugin <= 4.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...

4.3CVSS0.00323EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/09 12:0 a.m.6 views

PT-2024-23994 · Unknown · Awp Classifieds

Name of the Vulnerable Software and Affected Versions: AWP Classifieds versions 4.3.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds. Recommendations: For versions 4.3.1 and earlier, update to a version later than 4.3...

8.8CVSS9.4AI score0.00323EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/06/09 12:0 a.m.6 views

WordPress plugin AWP Classifieds security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.7AI score0.00323EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/04/17 12:0 a.m.15 views

AWP Classifieds < 4.3.2 - Cross-Site Request Forgery

Description The AWP Classifieds plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.1. This is due to missing or incorrect nonce validation on the ajax function. This makes it possible for unauthenticated attackers to edit balances via a forged...

4.3CVSS6.4AI score0.00212EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/04/15 8:15 a.m.13 views

CVE-2024-32447

Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...

4.3CVSS4.6AI score0.00212EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 7:56 a.m.60 views

CVE-2024-32447

CVE-2024-32447 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WordPress Classifieds (AWP Classifieds), affecting versions up to 4.3.1. The vulnerability is documented as a CSRF issue in AWP Classifieds (WordPress Classifieds Plugin – Ad Directory & Listings by...

4.3CVSS5.1AI score0.00212EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 7:56 a.m.14 views

CVE-2024-32447 WordPress AWP Classifieds plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...

4.3CVSS7.2AI score0.00212EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 7:56 a.m.20 views

CVE-2024-32447 WordPress AWP Classifieds plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1...

4.3CVSS5AI score0.00212EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/12 4:19 p.m.5 views

WordPress AWP Classifieds plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin AWP Classifieds versions = 4.3.1...

4.3CVSS7AI score0.00212EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/12 12:0 a.m.13 views

WordPress AWP Classifieds Plugin <= 4.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software AWP Classifieds Type Plugin Vulnerable versions = 4.3.1 Fixed in 4.3.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32447 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3cf46b4fcbdc Credits Peng Zhou Required...

4.3CVSS7AI score0.00212EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/11 12:0 a.m.20 views

AWP Classifieds < 4.3.2 - Missing Authorization

Description The AWP Classifieds plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 4.3.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized...

8.8CVSS6.2AI score0.00323EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:31 p.m.5 views

WordPress AWP Classifieds plugin <= 4.3.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin AWP Classifieds versions = 4.3.1...

8.8CVSS7AI score0.00323EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.9 views

WordPress AWP Classifieds Plugin <= 4.3.1 is vulnerable to Broken Access Control

Software AWP Classifieds Type Plugin Vulnerable versions = 4.3.1 Fixed in 4.3.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31350 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID a2e0652e7562 Credits Abdi Pranata Required...

8.8CVSS6.5AI score0.00323EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/10/10 12:0 a.m.21 views

AWP Classifieds < 4.3.1 - Categories Mgt via CSRF

Description The plugin does not have CSRF checks when managing categories such as deleting, updating etc, which could allow attackers to make logged in admins perform such actions via CSRF attacks...

8.8CVSS6.5AI score0.00208EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/10/06 3:15 p.m.3 views

CVE-2023-41801

Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin = 4.3 versions...

8.8CVSS5.8AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2023/10/06 3:15 p.m.23 views

CVE-2023-41801

Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin = 4.3 versions...

8.8CVSS6.5AI score0.00208EPSS
Exploits0References1
Prion
Prion
added 2023/10/06 3:15 p.m.18 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin = 4.3 versions...

6.8CVSS8.8AI score0.00208EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder