25 matches found
EUVD-2023-12778
Malicious code in bioql PyPI...
CVE-2023-0763
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack...
CVE-2023-0761
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...
CVE-2023-0762
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack...
CVE-2023-0763
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack...
CVE-2023-0761
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...
Cross site request forgery (csrf)
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...
Cross site request forgery (csrf)
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack...
CVE-2023-0761 Clock In Portal <= 2.1 - Staff Deletion via CSRF
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...
CVE-2023-0761 Clock In Portal <= 2.1 - Staff Deletion via CSRF
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...
CVE-2023-0761
The CVE-2023-0761 entry concerns a CSRF vulnerability in the Clock In Portal – Staff & Attendance Management WordPress plugin (versions
CVE-2023-0763 Clock In Portal <= 2.1 - Holidays Deletion via CSRF
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack...
CVE-2023-0762 Clock In Portal <= 2.1 - Designation Deletion via CSRF
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack...
CVE-2023-0762 Clock In Portal <= 2.1 - Designation Deletion via CSRF
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack...
CVE-2023-0762
CVE-2023-0762 affects the Clock In Portal - Staff & Attendance Management WordPress plugin (versions up to 2.1). The issue is a lack of CSRF protection when deleting designations, which could allow a logged-in attacker to cause admins to delete designations via CSRF. Public vulnerability records ...
WordPress plugin Clock In Portal- Staff & Attendance Management 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
WordPress plugin Clock In Portal- Staff & Attendance Management 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
WordPress plugin Clock In Portal- Staff & Attendance Management 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
PT-2023-16509 · WordPress · Clock In Portal- Staff & Attendance Management
Name of the Vulnerable Software and Affected Versions: The Clock In Portal- Staff & Attendance Management WordPress plugin versions 2.1 and earlier Description: The issue is related to the lack of a CSRF check when deleting staff members, which could allow attackers to make logged-in admins delet...
PT-2023-16510 · WordPress · Clock In Portal- Staff & Attendance Management
Name of the Vulnerable Software and Affected Versions: The Clock In Portal- Staff & Attendance Management WordPress plugin versions 2.1 and earlier Description: The issue is related to the lack of a CSRF check when deleting designations, which could allow attackers to make logged-in admins delete...