10 matches found
CVE-2026-24384
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
CVE-2026-24384
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
CVE-2026-24384 WordPress Merge + Minify + Refresh plugin <= 2.14 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
CVE-2026-24384
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
CVE-2026-24384
CVE-2026-24384 is a CSRF vulnerability in the WordPress plugin Merge + Minify + Refresh (launchinteractive). Affected versions are from n/a through 2.14. Red Hat and CIRCL entries confirm the vulnerability and indicate a patch has been issued; public exploit details are not provided. No explicit ...
CVE-2026-24384 WordPress Merge + Minify + Refresh plugin <= 2.14 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
PT-2026-4268
Cross-Site Request Forgery CSRF vulnerability in launchinteractive Merge + Minify + Refresh merge-minify-refresh allows Cross Site Request Forgery.This issue affects Merge + Minify + Refresh: from n/a through = 2.14...
WordPress plugin Merge + Minify + Refresh has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Merge + Minify + Refresh plugin <= 2.14 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Mrreee in WordPress Plugin Merge + Minify + Refresh versions = 2.14...
Merge + Minify + Refresh < 1.10.7 - Authenticated Arbitrary File Delete
The plugin relied on the isadmin check, without checking the user's capabilities, when deleting arbitrary files. The functionality was also vulnerable to Cross-site Request Forgery CSRF allowing attackers to delete arbitrary files by tricking authenticated users into visiting a page they...