3 matches found
CVE-2024-1760
creationtimestamp| type| source ---|---|--- 2024-03-06 07:26:44+00:00| seen| https://t.me/ctinow/201061 2024-03-06 07:31:10+00:00| seen| https://t.me/ctinow/201065...
CVE-2024-1760 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.6.20 - Cross-Site Request Forgery to Plugin Data Reset
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.6.20. This is due to missing or incorrect nonce validation on the ssafactoryreset function. This makes it...
WordPress Simply Schedule Appointments Plugin <= 1.6.6.20 is vulnerable to Cross Site Request Forgery (CSRF)
Software Simply Schedule Appointments Type Plugin Vulnerable versions = 1.6.6.20 Fixed in 1.6.6.24 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1760 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 41bce45152e6 Credits...