EUVD-2024-22101

Malicious code in bioql PyPI...

CVE-2024-0682

The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 2.5.5. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated attackers t...

CVE-2024-24702

Cross-Site Request Forgery CSRF vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5...

CVE-2024-24702

Cross-Site Request Forgery CSRF vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5...

CVE-2024-24702

Cross-Site Request Forgery CSRF vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5...

CVE-2024-24702

CVE-2024-24702 is a CSRF vulnerability in the WordPress plugin Page Restrict (versions up to and including 2.5.5). The issue allows an attacker to perform unintended actions on behalf of an authenticated user via a CSRF vector, with CVSSv3.1 base metrics indicating a HIGH impact on confidentialit...

CVE-2024-24702 WordPress Page Restrict Plugin <= 2.5.5 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5...

CVE-2024-24702 WordPress Page Restrict Plugin <= 2.5.5 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5...

CVE-2024-0682

The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 2.5.5. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated attackers t...

CVE-2024-0682

The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 2.5.5. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated attackers t...

Information disclosure

The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 2.5.5. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated attackers t...

CVE-2024-0682

CVE-2024-0682 affects the Page Restrict plugin for WordPress. It allows information disclosure by unauthenticated actors due to inadequate REST API access restrictions for private posts in all versions up to 2.5.5. Base CVSS 3.1 is 5.3 (Medium), Confidentiality impact: Low. No public remediation ...

CVE-2024-0682 Page Restrict <= 2.5.5 - Protection Mechanism Bypass

The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 2.5.5. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated attackers t...

PT-2024-20498 · Unknown · Page Restrict

Name of the Vulnerable Software and Affected Versions: Page Restrict versions 2.5.5 and earlier Description: A Cross-Site Request Forgery CSRF issue has been identified. This type of issue allows an attacker to trick a user into performing unintended actions on a web application that the user is...

Page Restrict <= 2.5.5 - Unauthenticated Protected Post Access

Description The plugin is vulnerable to information disclosure due to the plugin not properly restricting access to posts via the REST API when a page has been made private, allowing unauthenticated attackers to view protected posts...

WordPress Plugin Page Restrict Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Plugin Page Restrict Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Page Restrict Plugin <= 2.5.5 is vulnerable to Bypass Vulnerability

Software Page Restrict Type Plugin Vulnerable versions = 2.5.5 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-0682 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e5dc30bc662f Credits Francesco Carlucci Required privilege...

Page Restrict <= 2.5.5 - Cross-Site Request Forgery via pr_admin_page

Description The Page Restrict plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.5. This is due to missing or incorrect nonce validation on the 'pradminpage' function. This makes it possible for unauthenticated attackers to modify the plugin...