CVE-2024-4082

The Joli FAQ SEO – WordPress FAQ Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to change the...

CVE-2024-4082

The Joli FAQ SEO – WordPress FAQ Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to change the...

CVE-2024-4082 Joli FAQ SEO – WordPress FAQ Plugin <= 1.3.2 - Cross-Site Request Forgery

The Joli FAQ SEO – WordPress FAQ Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to change the...

CVE-2024-4082

CVE-2024-4082 : The Joli FAQ SEO – WordPress FAQ Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to 1.3.2 due to missing nonce validation when saving settings. This enables unauthenticated attackers to change plugin settings by inducing an administrator action....

WordPress Joli FAQ SEO – WordPress FAQ Plugin plugin <= 1.3.2 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Joli FAQ SEO – WordPress FAQ Plugin versions = 1.3.2...

Joli FAQ SEO – WordPress FAQ Plugin < 1.3.3 - Cross-Site Request Forgery

Description The Joli FAQ SEO – WordPress FAQ Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to chan...

WordPress Joli FAQ SEO – WordPress FAQ Plugin Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Joli FAQ SEO – WordPress FAQ Plugin Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9c8ec0f71765 Credits Rafie Muhammad...

WordPress Joli FAQ SEO – WordPress FAQ plugin <= 1.0.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Joli FAQ SEO – WordPress FAQ plugin versions = 1.0.3. Solution Update the WordPress Joli FAQ SEO – WordPress FAQ plugin to the latest available version at least 1.0.4...

WordPress Joli FAQ SEO – WordPress FAQ plugin <= 1.0.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Joli FAQ SEO – WordPress FAQ plugin versions = 1.0.3. Solution Update the WordPress Joli FAQ SEO – WordPress FAQ plugin to the latest available version at least 1.0.4...