Lucene search
K

6 matches found

OSV
OSV
added 2025/01/30 6:15 a.m.2 views

CVE-2024-12709

The Bulk Me Now! WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

4.3CVSS7.3AI score0.00164EPSS
Exploits1References1
OSV
OSV
added 2025/01/27 6:15 a.m.2 views

CVE-2024-12436

The WP Customer Area WordPress plugin through 8.2.4 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

4.3CVSS7.3AI score0.00212EPSS
Exploits1References1
OSV
OSV
added 2024/08/12 1:38 p.m.3 views

CVE-2024-6136

The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

5.4CVSS5.8AI score0.00218EPSS
Exploits1References1
OSV
OSV
added 2024/07/11 6:15 a.m.5 views

CVE-2024-1845

The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS5.8AI score0.00286EPSS
Exploits1References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/06/26 5:25 a.m.2 views

WordPress plugins "WP Tweet Walls" and "Sola Testimonials" vulnerable to cross-site request forgery

Overview WordPress plugins "WP Tweet Walls" and "Sola Testimonials" provided by Sola Plugins contain a cross-site request forgery vulnerability CWE-352. These vulnerabilities are reported by the following reporters, and JPCERT/CC coordinated with the developer under Information Security Early...

8.1CVSS6.5AI score0.00256EPSS
Exploits0References6
OSV
OSV
added 2023/09/18 9:15 p.m.5 views

CVE-2023-39446

Thanks to the weaknesses that the web application has at the user management level, an attacker could obtain the information from the headers that is necessary to create specially designed URLs and originate malicious actions when a legitimate user is logged into the web application...

8.8CVSS5.8AI score0.00209EPSS
Exploits0References1
Rows per page
Query Builder