Lucene search
K

51 matches found

Prion
Prion
added 2022/07/18 5:15 p.m.16 views

Cross site request forgery (csrf)

The WordPress plugin Gallery for Social Photo is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.0.27 due to failure to properly check for the existence of a nonce in the function gifeedduplicatefeed. This make it possible for unauthenticated attackers to duplicate...

4.3CVSS4.6AI score0.00342EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2022/07/18 12:0 a.m.4 views

WordPress plugin Image Slider 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Image Slider 1.1.1...

5.4CVSS5.1AI score0.00342EPSS
Exploits0References4
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.11 views

WordPress Delete Duplicate Posts plugin < 4.7.6 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Delete Duplicate Posts plugin versions 4.7.6. Solution Update the WordPress Delete Duplicate Posts plugin to the latest available version at least 4.7.6...

1.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.12 views

WordPress Delete Duplicate Posts plugin < 4.7.6 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Delete Duplicate Posts plugin versions 4.7.6. Solution Update the WordPress Delete Duplicate Posts plugin to the latest available version at least 4.7.6...

3.8AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2021/11/22 12:0 a.m.13 views

Logo Carousel < 3.4.2 - Unauthorised Private Post Access

The plugin allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature PoC 1 Go to Logo Carousel - Shortcode Generator. 2 If there is no carousel, create one. 3 Copy URL of the "Duplicate" link under the...

8.1CVSS1.4AI score0.01006EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2019/03/05 12:0 a.m.10 views

WordPress Delete Duplicate Posts plugin <= 4.1.9.4 - Authenticated Option Update vulnerability (Fremius Library security issue)

Authenticated Option Update vulnerability Fremius Library security issue in WordPress Delete Duplicate Posts plugin versions = 4.1.9.4. Solution Update the WordPress Delete Duplicate Posts plugin to the latest available version at least 4.1.9.5...

2.9AI score
Exploits0References2Affected Software1
Prion
Prion
added 2018/06/26 4:29 p.m.16 views

Cross site request forgery (csrf)

Tooltipy tooltips for WP version 5 contains a Cross ite Request Forgery CSRF vulnerability in Settings page that can result in could allow anybody to duplicate posts. This attack appear to be exploitable via Admin must follow a link. This vulnerability appears to have been fixed in 5.1...

4.3CVSS6.7AI score0.00529EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/06/26 4:29 p.m.2 views

CVE-2018-1000505

Tooltipy tooltips for WP version 5 contains a Cross ite Request Forgery CSRF vulnerability in Settings page that can result in could allow anybody to duplicate posts. This attack appear to be exploitable via Admin must follow a link. This vulnerability appears to have been fixed in 5.1...

6.5CVSS5.7AI score
Exploits0References1
NVD
NVD
added 2018/06/26 4:29 p.m.17 views

CVE-2018-1000505

Tooltipy tooltips for WP version 5 contains a Cross ite Request Forgery CSRF vulnerability in Settings page that can result in could allow anybody to duplicate posts. This attack appear to be exploitable via Admin must follow a link. This vulnerability appears to have been fixed in 5.1...

6.5CVSS6.7AI score0.00529EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/06/26 4:0 p.m.27 views

CVE-2018-1000505

Tooltipy tooltips for WP version 5 contains a Cross ite Request Forgery CSRF vulnerability in Settings page that can result in could allow anybody to duplicate posts. This attack appear to be exploitable via Admin must follow a link. This vulnerability appears to have been fixed in 5.1...

6.7AI score0.00529EPSS
Exploits1References1
CVE
CVE
added 2018/06/26 4:0 p.m.41 views

CVE-2018-1000505

Tooltipy (tooltips for WP) version 5 contains a Cross-Site Request Forgery (CSRF) vulnerability in the Settings page that could allow an attacker to cause a post to be duplicated. The issue is exploitable via a link the admin must follow, and affects the plugin’s 5.x line. It is stated to be fixe...

6.5CVSS6.6AI score0.00529EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder