3 matches found
CVE-2024-13710
The Estatebud – Properties & Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.0. This is due to missing or incorrect nonce validation on the 'estatebudsettings' page. This makes it possible for unauthenticated attackers to update...
CVE-2024-13710
creationtimestamp| type| source ---|---|--- 2025-03-25 09:24:23+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8634 2025-03-25 11:08:04+00:00| seen| https://t.me/cvedetector/21077...
CVE-2024-13710 Estatebud – Properties & Listings <= 5.5.0 - Cross-Site Request Forgery to Settings Update
The Estatebud – Properties & Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.0. This is due to missing or incorrect nonce validation on the 'estatebudsettings' page. This makes it possible for unauthenticated attackers to update...