5 matches found
CVE-2023-6532
The WP Blogs' Planetarium WordPress plugin through 1.0 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...
CVE-2023-6532 WP Blogs' Planetarium <= 1.0 - Settings Update via CSRF
The WP Blogs' Planetarium WordPress plugin through 1.0 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...
CVE-2023-6532
CVE-2023-6532 affects WP Blogs' Planetarium WordPress plugin ≤ 1.0. The issue is missing CSRF protection on settings updates, enabling a CSRF attack to cause a logged-in administrator to change settings. No explicit exploitation details are provided in the documents; remediation status/patch avai...
WordPress Plugin WP Blogs Planetarium Security Breach
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2024-14998 · Wpblog · Wp Blogs' Planetarium Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: WP Blogs' Planetarium WordPress plugin versions 1.0 and earlier Description: The issue is related to the lack of a CSRF check when updating settings in the plugin, which could allow attackers to make a logged-in admin change them via a CSRF...