5 matches found
CVE-2024-1755
The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-1755
The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-1755
CVE-2024-1755 affects the WordPress plugin “NPS computy” up to version 2.7.5, where missing CSRF checks in certain code paths could allow an attacker to cause logged-in users to perform unintended actions. The issue is documented as CSRF across multiple sources, with a remediation stating that ve...
CVE-2024-1755 NPS computy <= 2.7.5 - Results Deletion via CSRF
The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
WordPress NPS computy Plugin < 2.7.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software NPS computy Type Plugin Vulnerable versions 2.7.6 Fixed in 2.7.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1755 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f3b2b0b2003c Credits Bob Matyas Required...