2 matches found
CVE-2026-6396
creationtimestamp| type| source ---|---|--- 2026-04-22 12:58:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3kfevktc2h 2026-04-25 16:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mkdhrt47wy24...
CVE-2026-6396
CVE-2026-6396 concerns the WordPress plugin “Fast & Fancy Filter – 3F” (versions up to and including 1.2.2). The issue arises from missing nonce verification in the saveFields() function, which handles the fff_save_settins AJAX action. This design flaw allows unauthenticated attackers to forge re...