EUVD-2024-24436

Malicious code in bioql PyPI...

CVE-2024-27197

Cross-Site Request Forgery CSRF vulnerability in Bee BeePress allows Stored XSS.This issue affects BeePress: from n/a through 6.9.8...

CVE-2024-27197

Cross-Site Request Forgery CSRF vulnerability in Bee BeePress allows Stored XSS.This issue affects BeePress: from n/a through 6.9.8...

CVE-2024-27197

CVE-2024-27197 is a CSRF-to-Stored XSS vulnerability in the WordPress BeePress plugin (Beepress) affecting versions through 6.9.8. Exploitation details in connected sources indicate the issue can be triggered via beepress-pro.php, enabling stored XSS. Remediation/recommendations are not consisten...

CVE-2024-27197 WordPress BeePress plugin <= 6.9.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Bee BeePress allows Stored XSS.This issue affects BeePress: from n/a through 6.9.8...

CVE-2024-27197 WordPress BeePress plugin <= 6.9.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Bee BeePress allows Stored XSS.This issue affects BeePress: from n/a through 6.9.8...

WordPress Plugin beepress Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-21733 · Beepress · Beepress

Name of the Vulnerable Software and Affected Versions: BeePress versions through 6.9.8 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. Recommendations: For versions through 6.9.8, update to a version that contains a fix for this issue. At the...

BeePress <= 6.9.8 - Cross-Site Request Forgery via beepress-pro.php

Description The BeePress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.9.8. This is due to missing or incorrect nonce validation on multiple functions in the beepress-pro.php. This makes it possible for unauthenticated attackers to modify the...

WordPress BeePress Plugin <= 6.9.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software BeePress Type Plugin Vulnerable versions = 6.9.8 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-27197 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 23f23a1e9a56 Credits Majed Refaea Required...