71 matches found
CVE-2024-39681 WordPress Cooked Plugin - Cross-Site Request Forgery to Apply Template to All Recipes
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39681 WordPress Cooked Plugin - Cross-Site Request Forgery to Apply Template to All Recipes
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39681 WordPress Cooked Plugin - Cross-Site Request Forgery to Apply Template to All Recipes
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39680 WordPress Cooked Plugin - Cross-Site Request Forgery to Default Recipe Template Save
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39680 WordPress Cooked Plugin - Cross-Site Request Forgery to Default Recipe Template Save
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39680
CVE-2024-39680 affects the WordPress plugin Cooked – Recipe Management . Connected sources confirm CSRF in versions up to and including 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler; this could allow an attacker to trick authenticated users into performing unint...
CVE-2024-39680 WordPress Cooked Plugin - Cross-Site Request Forgery to Default Recipe Template Save
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39679 WordPress Cooked Plugin - Cross-Site Request Forgery to Recipe Template Reset
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39679 WordPress Cooked Plugin - Cross-Site Request Forgery to Recipe Template Reset
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39679
Cooked – Recipe Management (WordPress) has a CSRF vulnerability up to version 1.7.15.4 due to missing or improper nonce validation on the AJAX action handler. As described in multiple sources, this could allow an attacker to coerce authenticated users into performing unintended actions. The issue...
CVE-2024-39679 WordPress Cooked Plugin - Cross-Site Request Forgery to Recipe Template Reset
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39678 WordPress Cooked Plugin - Cross-Site Request Forgery to Get Recipe IDs
Cooked is a recipe plugin for WordPress. The Cooked plugin is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users into performing...
CVE-2024-39678 WordPress Cooked Plugin - Cross-Site Request Forgery to Get Recipe IDs
Cooked is a recipe plugin for WordPress. The Cooked plugin is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users into performing...
CVE-2024-39678 WordPress Cooked Plugin - Cross-Site Request Forgery to Get Recipe IDs
Cooked is a recipe plugin for WordPress. The Cooked plugin is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users into performing...
PT-2024-28618 · WordPress · Cooked
Name of the Vulnerable Software and Affected Versions: Cooked plugin for WordPress versions up to, and including, 1.7.15.4 Description: The issue is related to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the AJAX action handler. This could allow an attacker to...
PT-2024-28617 · WordPress · Cooked
Name of the Vulnerable Software and Affected Versions: Cooked versions up to, and including, 1.7.15.4 Description: The Cooked plugin for WordPress is affected by a Cross-Site Request Forgery CSRF issue due to missing or incorrect nonce validation on the AJAX action handler. This could allow an...
PT-2024-28620 · WordPress · Cooked
Name of the Vulnerable Software and Affected Versions: Cooked plugin for WordPress versions up to, and including, 1.7.15.4 Description: The issue is related to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the AJAX action handler. This could allow an attacker to...
PT-2024-28621 · WordPress · Cooked
Name of the Vulnerable Software and Affected Versions: Cooked plugin for WordPress versions up to, and including, 1.7.15.4 Description: The issue is related to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the AJAX action handler. This could allow an attacker to...
CVE-2024-39310 WordPress Basil Theme Authenticated (Contributor+) Persistent Cross-Site Scripting Vulnerability
The Basil recipe theme for WordPress is vulnerable to Persistent Cross-Site Scripting XSS via the posttitle parameter in versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping. This vulnerability allows authenticated attackers with contributor-level access...
CVE-2024-39310
The CVE-2024-39310 involves the Basil recipe theme for WordPress. Affected versions are