2 matches found
CVE-2026-1208
The CVE-2026-1208 entry concerns the WordPress plugin Friendly Functions for Welcart (versions up to and including 1.2.5). The vulnerability is a Cross-Site Request Forgery (CSRF) flaw caused by missing or incorrect nonce validation on the plugin settings page, allowing unauthenticated attackers ...
WordPress Friendly Functions for Welcart plugin <= 1.2.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Friendly Functions for Welcart versions = 1.2.4...