Lucene search
K

4 matches found

Circl
Circl
added 2023/01/10 8:28 p.m.5 views

CVE-2022-4707

creationtimestamp| type| source ---|---|--- 2023-01-10 20:28:42+00:00| seen| https://t.me/cibsecurity/56246...

6.5CVSS7.1AI score0.00348EPSS
Exploits1References1
OSV
OSV
added 2023/01/10 5:15 p.m.2 views

CVE-2022-4707

The Royal Elementor Addons plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.59. This is due to missing nonce validation in the 'wprcreatemegamenutemplate' AJAX function. This allows unauthenticated attackers to create Mega Menu templates,...

6.5CVSS5.8AI score0.00348EPSS
Exploits1References3
CVE
CVE
added 2023/01/10 4:55 p.m.58 views

CVE-2022-4707

CVE-2022-4707 affects WordPress Royal Elementor Addons prior to 1.3.60. The issue is a Cross-Site Request Forgery due to missing nonce validation in the wpr_create_mega_menu_template AJAX function, allowing unauthenticated attackers to cause Mega Menu template creation if a user (admin) is convin...

6.5CVSS6.5AI score0.00348EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2023/01/10 12:0 a.m.13 views

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Cross Site Request Forgery (CSRF)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-4707 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID d1eebd7ac349 Credits Ramuel Gall Require...

6.5CVSS7AI score0.00348EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder