8 matches found
EUVD-2024-29799
Malicious code in bioql PyPI...
CVE-2024-31941
Cross-Site Request Forgery CSRF vulnerability in CodePeople CP Media Player.This issue affects CP Media Player: from n/a through 1.1.3...
CVE-2024-31941
Cross-Site Request Forgery CSRF vulnerability in CodePeople CP Media Player.This issue affects CP Media Player: from n/a through 1.1.3...
CVE-2024-31941
CVE-2024-31941 affects the WordPress CP Media Player plugin (versions ≤ 1.1.3). The vulnerability is a Cross-Site Request Forgery (CSRF) flaw, with unauthenticated exploitation potential as described by Patchstack; advisory notes indicate the issue has low severity (CVSS v3.1 base score 5.4) and ...
CVE-2024-31941 WordPress CP Media Player plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in CodePeople CP Media Player.This issue affects CP Media Player: from n/a through 1.1.3...
WordPress Plugin CP Media Player 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress Plugin CP Media Player A cross-sit...
WordPress CP Media Player Plugin <= 1.1.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software CP Media Player Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.2.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31941 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9a90502753a6 Credits Steven Julian...
CP Media Player < 1.2.0 - Player Deletion and Duplication via CSRF
Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on the adminpage function. This makes it possible for unauthenticated attackers to delete or duplicate existing audio or video players via a forged request granted they can trick a site...