Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.10 views

CVE-2026-6401

The Bottom Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.1.7. This is due to missing nonce verification on the plugin's settings update forms handled in bottom-bar-admin.php. None of the three settings forms main settings, sharing...

4.3CVSS5.6AI score0.00187EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 2:16 a.m.17 views

CVE-2026-6401

The Bottom Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.1.7. This is due to missing nonce verification on the plugin's settings update forms handled in bottom-bar-admin.php. None of the three settings forms main settings, sharing...

4.3CVSS0.00187EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/20 1:25 a.m.39 views

CVE-2026-6401 Bottom Bar <= 0.1.7 - Cross-Site Request Forgery to Settings Update

The Bottom Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.1.7. This is due to missing nonce verification on the plugin's settings update forms handled in bottom-bar-admin.php. None of the three settings forms main settings, sharing...

4.3CVSS0.00187EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/20 1:25 a.m.10 views

CVE-2026-6401 Bottom Bar <= 0.1.7 - Cross-Site Request Forgery to Settings Update

The Bottom Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.1.7. This is due to missing nonce verification on the plugin's settings update forms handled in bottom-bar-admin.php. None of the three settings forms main settings, sharing...

4.3CVSS5.9AI score0.00187EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/20 1:25 a.m.12 views

EUVD-2026-31039

The Bottom Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.1.7. This is due to missing nonce verification on the plugin's settings update forms handled in bottom-bar-admin.php. None of the three settings forms main settings, sharing...

4.3CVSS5.9AI score0.00187EPSS
Exploits0References5
CVE
CVE
added 2026/05/20 1:25 a.m.20 views

CVE-2026-6401

The Bottom Bar plugin for WordPress (versions

4.3CVSS5.9AI score0.00187EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.16 views

PT-2026-42065

Name of the Vulnerable Software and Affected Versions Bottom Bar versions prior to 0.1.8 Description The Bottom Bar plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF, a flaw where an attacker tricks a victim into performing actions they did not intend to do. The issue exists ...

4.3CVSS5.9AI score0.00187EPSS
Exploits0References8
Patchstack
Patchstack
added 2026/05/19 12:4 p.m.8 views

WordPress Bottom Bar plugin <= 0.1.7 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Bottom Bar versions = 0.1.7...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder