3 matches found
CVE-2023-6980
The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5. This is due to missing or incorrect nonce validation on the 'delete' action of the wp-sms-subscribers...
CVE-2023-6980
creationtimestamp| type| source ---|---|--- 2024-01-03 07:26:13+00:00| seen| https://t.me/ctinow/162222 2024-01-04 01:32:34+00:00| seen| https://t.me/cibsecurity/74280 2024-01-23 08:51:25+00:00| seen| https://t.me/ctinow/171769...
CVE-2023-6980 WP SMS <= 6.5 - Cross-Site Request Forgery to Subscriber Deletion
The WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5. This is due to missing or incorrect nonce validation on the 'delete' action of the wp-sms-subscribers...