Lucene search
K

35 matches found

Prion
Prion
added 2022/06/20 11:15 a.m.20 views

Cross site request forgery (csrf)

The PDF24 Article To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

4.3CVSS6.3AI score0.00513EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/06/20 10:26 a.m.27 views

CVE-2022-1828 PDF24 Articles To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The PDF24 Articles To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.6AI score0.00513EPSS
Exploits2References1
CVE
CVE
added 2022/06/20 10:26 a.m.77 views

CVE-2022-1828

Affected software: PDF24 Articles To PDF WordPress plugin (

6.5CVSS6.3AI score0.00513EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/06/20 10:26 a.m.24 views

CVE-2022-1827 PDF24 Article To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The PDF24 Article To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.6AI score0.00513EPSS
Exploits2References1
CVE
CVE
added 2022/06/20 10:26 a.m.91 views

CVE-2022-1827

The CVE-2022-1827 entry concerns the WordPress plugin PDF24 Articles To PDF (up to version 4.2.2). The root cause is a missing CSRF check when updating plugin settings, enabling a logged-in attacker to cause a logged-in administrator to alter configuration via a CSRF attack. Public references in ...

6.5CVSS6.3AI score0.00513EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/06/20 12:0 a.m.3 views

WordPress plugin PDF24 Articles To PDF 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress PDF24 Articles To PDF plugin 4.2.2 and earlier versions have a cross-site request forgery...

6.5CVSS5.5AI score0.00513EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/06/20 12:0 a.m.6 views

WordPress plugin PDF24 Articles To PDF 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin PDF24 Articles To PDF 4.2.2 and earlier versions are vulnerable to cross-site reques...

6.5CVSS5.4AI score0.00513EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2022/05/30 12:0 a.m.21 views

PDF24 Article To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC .pdf24Plugin-cp border:1px solid silver; .pdf24Plugin-cp inputtype="text" width:200px; border:1px solid silver; margin:0; padding:2px;...

6.5CVSS2.2AI score0.00513EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/30 12:0 a.m.21 views

PDF24 Articles To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC .pdf24Plugin-cp border:1px solid silver; .pdf24Plugin-cp inputtype="text" width:200px; border:1px solid silver; margin:0; padding:2px;...

6.5CVSS2.2AI score0.00513EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.143 views

PDF24 Articles To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack input t...

6.5CVSS0.00513EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.164 views

PDF24 Article To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack input t...

6.5CVSS0.00513EPSS
Exploits2
Microsoft KB
Microsoft KB
added 2020/12/21 12:0 a.m.4 views

November 30, 2020—KB4586853 (OS Builds 19041.662 and 19042.662) Preview

November 30, 2020—KB4586853 OS Builds 19041.662 and 19042.662 Preview 11/10/20 IMPORTANT Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a preview release known as a “C” release for the month of December 2020. There will be a monthly security...

6.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2020/12/10 12:0 a.m.26 views

December 8, 2020—KB4592473 (OS Build 15063.2584)

December 8, 2020—KB4592473 OS Build 15063.2584 Current status of Windows 10, version 1703 Surface Hub devices remain in support. Starting on November 12, 2019, updates for Windows 10, version 1703 will be available only for Surface Hub devices. Update information and Surface Hub known issues will...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2020/12/08 8:0 a.m.153 views

December 8, 2020—KB4592484 (Monthly Rollup)

December 8, 2020—KB4592484 Monthly Rollup NEW 12/8/20 IMPORTANT Adobe Flash Player will go out of support on December 31, 2020. For more information, see Adobe Flash end of support on December 31, 2020. Flash content will be blocked from running in Flash Player beginning January 12, 2021. For mor...

9CVSS6.6AI score0.18653EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2020/12/08 8:0 a.m.257 views

December 8, 2020—KB4593226 (OS Build 14393.4104) - EXPIRED

December 8, 2020—KB4593226 OS Build 14393.4104 - EXPIRED NEW 8/5/21 EXPIRATION NOTICEIMPORTANT As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality...

9.9CVSS6.9AI score0.18653EPSS
Exploits0
Rows per page
Query Builder