Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Hannes Etzelstorfer // codemiq WP HTML Mail plugin = 3.4.1 versions...

CVE-2023-40202

CVE-2023-40202 concerns the WP HTML Mail plugin (WordPress) up to version 3.4.1. Technical sources indicate an unauthenticated CSRF flaw that allows an attacker to trigger actions such as test email sending without valid authorization, enabling cross-site request forgery against admins. The vulne...

WordPress plugin 跨站脚本漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress WP HTML Mail plugin in version 3.0.9 and earlier is vulnerable to a cross-site scripting vulnerability tha...

WordPress 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Email Template Designer - WP HTML Mail versions prior to 3.0.8 A cross-site request forger...