CVE-2024-1360

creationtimestamp| type| source ---|---|--- 2024-02-23 12:26:18+00:00| seen| https://t.me/ctinow/191676 2024-02-23 12:26:22+00:00| seen| https://t.me/ctinow/191680 2024-03-13 16:41:43+00:00| seen| https://t.me/ctinow/206874...

CVE-2024-1360

The Colibri WP theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.94. This is due to missing or incorrect nonce validation on the colibriwpinstallplugin function. This makes it possible for unauthenticated attackers to install recommended...

CVE-2024-1360

The Colibri WP theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.94. This is due to missing or incorrect nonce validation on the colibriwpinstallplugin function. This makes it possible for unauthenticated attackers to install recommended...

CVE-2024-1360

CVE-2024-1360 affects the Colibri WP Theme for WordPress. The issue is a Cross-Site Request Forgery due to missing or incorrect nonce validation in the colibriwp_install_plugin() function, permitting unauthenticated attackers to cause a site admin to install requested plugins by tricking them int...

WordPress Colibri WP Theme <= 1.0.94 is vulnerable to Cross Site Request Forgery (CSRF)

Software Colibri WP Type Theme Vulnerable versions = 1.0.94 Fixed in 1.0.101 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1360 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6ff4c5ce12a4 Credits Lucio Sá Required...