Lucene search
+L

67 matches found

CVE
CVE
added 2023/10/06 2:48 p.m.53 views

CVE-2023-41801

CVE-2023-41801 : AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin versions ≤ 4.3 are affected by a Cross-Site Request Forgery (CSRF) vulnerability. The issue is mitigated by upgrading to version 4.3.1, which is listed as the fix. Public exploitation details are not provided ...

8.8CVSS7AI score0.00208EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/06 2:48 p.m.17 views

CVE-2023-41801 WordPress AWP Classifieds Plugin <= 4.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin = 4.3 versions...

5.4CVSS7.4AI score0.00208EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/06 2:48 p.m.29 views

CVE-2023-41801 WordPress AWP Classifieds Plugin <= 4.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin = 4.3 versions...

5.4CVSS9AI score0.00208EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/09/05 12:0 a.m.15 views

WordPress AWP Classifieds Plugin <= 4.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software AWP Classifieds Type Plugin Vulnerable versions = 4.3 Fixed in 4.3.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41801 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 713cc389c4a6 Credits Mika Required privile...

8.8CVSS6.9AI score0.00208EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/31 12:0 a.m.28 views

CVE-2022-3254 AWP Classifieds Plugin < 4.3 - Unauthenticated SQLi

The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection...

9.9AI score0.05103EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2022/10/10 12:0 a.m.19 views

AWP Classifieds Plugin < 4.3 - Unauthenticated SQLi

The plugin does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection PoC To read the userlogin and userpass columns from the wpusers tabl...

9.8CVSS3.4AI score0.05103EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/10/10 12:0 a.m.109 views

AWP Classifieds Plugin < 4.3 - Unauthenticated SQLi

The plugin does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection To read the userlogin and userpass columns from the wpusers table:...

9.8CVSS2.8AI score0.05103EPSS
Exploits2
Rows per page
Query Builder