WordPress Business Card plugin <= 1.0.0 - Card Edit via CSRF vulnerability

Card Edit via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Business Card versions = 1.0.0...

WordPress Business Card plugin <= 1.0.0 - Admin+ File Upload vulnerability

Admin+ File Upload vulnerability discovered by Anjo Rev Tingson in WordPress Plugin Business Card versions = 1.0.0...

CVE-2024-5807

The Business Card WordPress plugin through 1.0.0 does not prevent high privilege users like administrators from uploading malicious PHP files, which could allow them to run arbitrary code on servers hosting their site, even in MultiSite configurations...

WordPress Business Card Plugin <= 1.0.0 is vulnerable to Arbitrary File Upload

Software Business Card Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Arbitrary File Upload CVE CVE-2024-5807 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID a6a458d61852 Credits Anjo Rev Tingson Required privilege...

WordPress plugin Business Card 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...

PT-2024-37170 · WordPress · Business Card Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Business Card WordPress plugin version 1.0.0 Description: The issue allows high privilege users, such as administrators, to upload malicious PHP files, potentially enabling them to run arbitrary code on servers hosting their site. This issue...

WordPress Business Card plugin <= 1.0.0 - Multiple CSRF vulnerability

Multiple CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Business Card versions = 1.0.0...

CVE-2024-4531

The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing cards via CSRF attacks...

PT-2024-31553

Name of the Vulnerable Software and Affected Versions Business Card WordPress plugin versions 1.0.0 and earlier Description The issue concerns a lack of CSRF checks in certain areas, allowing attackers to potentially make logged-in users perform unwanted actions, such as editing card categories v...

WordPress plugin Business Card 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Business Card 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-31542 · WordPress · Business Card Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Business Card WordPress plugin versions prior to 1.0.1 Description: The issue concerns a lack of CSRF checks in certain areas, allowing attackers to trick logged-in users into performing unintended actions, such as deleting card categories...

PT-2024-31562 · WordPress · Business Card Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Business Card WordPress plugin versions prior to 1.1 Description: The issue is related to the lack of CSRF checks in certain areas, allowing attackers to potentially make logged-in users perform unwanted actions, such as editing cards, throug...