Lucene search
+L

85 matches found

CNNVD
CNNVD
added 2022/04/11 12:0 a.m.6 views

WordPress plugin 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A security vulnerability exists in the...

4.3CVSS5.1AI score0.00432EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2022/04/11 12:0 a.m.22 views

eRoom < 1.3.9 - Cache Deletion via CSRF

The plugin does not have CSRF check in place when deleting cache, which could allow attackers to make logged in users delete cache via a CSRF attack...

4.3CVSS4.8AI score0.00432EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/04/11 12:0 a.m.20 views

WordPress eRoom plugin <= 1.3.8 - Cross-Site Request Forgery (CSRF) vulnerability leading to Cache Deletion

Cross-Site Request Forgery CSRF vulnerability leading to Cache Deletion discovered by Ex.Mi Patchstack in WordPress eRoom plugin versions = 1.3.8. Solution Update the WordPress eRoom plugin to the latest available version at least 1.3.9...

4.3CVSS3.4AI score0.00432EPSS
Exploits0References2Affected Software1
Huntr
Huntr
added 2021/10/11 4:34 p.m.10 views

Cross-Site Request Forgery (CSRF) in flatcore/flatcore-cms

Description 1 Missing CSRF token in delete posts and delete folder in the frontend 2 Missing backend CSRF validation in 1 removing and enabling fix status and 2 deleting posts, and 3 delete folder and 4 delexclude in the indexing page see Permalinks 3 Delete cache Proof of Concept Open in...

2.4AI score
Exploits0
Huntr
Huntr
added 2021/09/13 6:47 a.m.12 views

Cross-Site Request Forgery (CSRF) in e107inc/e107

✍️ Description Attacker or malicious user is able to delete all caches if a logged in user visits attacker website. because lack of CSRF token. 🕵️‍♂️ Proof of Concept 1.when you logged in open this POC.html in a browser 2.you can check unintentionally all caches are cleared //POC.html...

1.3AI score
Exploits0
Rows per page
Query Builder