Lucene search
K

12 matches found

Cvelist
Cvelist
added 2025/01/09 11:11 a.m.13 views

CVE-2024-12515 Muslim Prayer Time-Salah/Iqamah <= 1.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Muslim Prayer Time-Salah/Iqamah plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Masjid ID parameter in all versions up to, and including, 1.8.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00325EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/01/09 12:33 a.m.5 views

WordPress Muslim Prayer Time-Salah/Iqamah plugin <= 1.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Muslim Prayer Time-Salah/Iqamah versions = 1.8.8...

6.4CVSS5.7AI score0.00325EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.6 views

PT-2025-1878 · WordPress · Muslim Prayer Time-Salah/Iqamah

Name of the Vulnerable Software and Affected Versions: The Muslim Prayer Time-Salah/Iqamah plugin for WordPress versions up to, and including, 1.8.8 Description: The issue is related to Stored Cross-Site Scripting via the Masjid ID parameter due to insufficient input sanitization and output...

6.4CVSS5.9AI score0.00325EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.5 views

WordPress plugin Muslim Prayer Time-Salah/Iqamah 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...

6.4CVSS7.7AI score0.00325EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/06/26 7:35 a.m.3 views

WordPress Muslim Prayer Time BD plugin <= 2.4 - Settings Reset via CSRF vulnerability

Settings Reset via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Muslim Prayer Time BD versions = 2.4...

7.6CVSS7AI score0.00264EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2024/06/26 6:15 a.m.23 views

CVE-2024-4758

The Muslim Prayer Time BD WordPress plugin through 2.4 does not have CSRF check in place when reseting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

7.6CVSS0.00264EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/06/26 6:0 a.m.30 views

CVE-2024-4758 Muslim Prayer Time BD <= 2.4 - Settings Reset via CSRF

The Muslim Prayer Time BD WordPress plugin through 2.4 does not have CSRF check in place when reseting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

0.00264EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/06/26 12:0 a.m.5 views

PT-2024-32662 · WordPress · Muslim Prayer Time Bd

Name of the Vulnerable Software and Affected Versions: Muslim Prayer Time BD WordPress plugin versions prior to 2.5 Description: The issue concerns the lack of a CSRF check when resetting settings, which could allow attackers to make a logged-in admin reset them via a CSRF attack. Recommendations...

7.6CVSS6.3AI score0.00264EPSS
Exploits2References3
CNNVD
CNNVD
added 2024/06/26 12:0 a.m.3 views

WordPress Plugin Muslim Prayer Time BD Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

7.6CVSS6.6AI score0.00264EPSS
Exploits2References2
Patchstack
Patchstack
added 2024/06/26 12:0 a.m.13 views

WordPress Muslim Prayer Time BD Plugin <= 2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Muslim Prayer Time BD Type Plugin Vulnerable versions = 2.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4758 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ee80ee2ae4c1 Credits Bob Matyas Require...

7.6CVSS6.6AI score0.00264EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.12 views

Muslim Prayer Time BD <= 2.4 - Settings Reset via CSRF

Description The plugin does not have CSRF check in place when reseting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack PoC Make a logged in admin open an HTML file containing:...

6.3AI score0.00264EPSS
Exploits2
wpexploit
wpexploit
added 2024/06/05 12:0 a.m.170 views

Muslim Prayer Time BD <= 2.4 - Settings Reset via CSRF

Description The plugin does not have CSRF check in place when reseting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack Make a logged in admin open an HTML file containing:...

6.7AI score0.00264EPSS
Exploits2
Rows per page
Query Builder