CVE-2022-41781 WordPress Permalink Manager Lite plugin <= 2.2.20 - Broken Access Control vulnerability

Broken Access Control vulnerability in Permalink Manager Lite plugin = 2.2.20 on WordPress...

WordPress plugin Permalink Manager Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress...

WordPress Permalink Manager Lite Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Permalink Manager Lite 2.2.20.1 and prior versions, which stems from missing or...

PT-2022-26071 · WordPress · Permalink Manager Lite

Name of the Vulnerable Software and Affected Versions: Permalink Manager Lite plugin versions = 2.2.20 Description: The issue is related to a Broken Access Control vulnerability. Recommendations: For Permalink Manager Lite plugin versions = 2.2.20, update to a version higher than 2.2.20 to resolv...

CVE-2022-4021

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

CVE-2022-4021

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

Cross site request forgery (csrf)

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

CVE-2022-4021

The CVE-2022-4021 entry concerns the WordPress Permalink Manager Lite plugin (vulnerable up to and including 2.2.20.1) with a CSRF flaw in the extra_actions function due to missing/incorrect nonce validation. This allows unauthenticated attackers to alter plugin settings, including permalinks and...

CVE-2022-4021 Permalink Manager Lite <= 2.2.20.1 - Cross-Site Request Forgery

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

CVE-2022-4021 Permalink Manager Lite <= 2.2.20.1 - Cross-Site Request Forgery

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

Permalink Manager Lite < 2.2.20.2 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

WordPress plugin Permalink Manager Lite 跨站请求伪造漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Permalink Manager Lite 2.2.20.1 and prior versions, which stems from missing or...

PT-2022-25285 · WordPress · Permalink Manager Lite

Name of the Vulnerable Software and Affected Versions: Permalink Manager Lite plugin for WordPress versions up to, and including, 2.2.20.1 Description: The issue is due to missing or incorrect nonce validation on the extra actions function, making it possible for unauthenticated attackers to chan...

Permalink Manager Lite < 2.2.20.1 - Unauthenticated URI Deletion

The plugin does not have authorisation checks when deleting URI, which could allow unauthenticated attackers to delete them...

WordPress Premmerce Permalink Manager for WooCommerce plugin <= 2.3.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Premmerce Permalink Manager for WooCommerce plugin versions = 2.3.4. Solution Update the WordPress Premmerce Permalink Manager for WooCommerce plugin to the latest available version at least 2.3.5...

WordPress Premmerce Permalink Manager for WooCommerce plugin <= 2.3.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Premmerce Permalink Manager for WooCommerce plugin versions = 2.3.4. Solution Update the WordPress Premmerce Permalink Manager for WooCommerce plugin to the latest available version at least 2.3.5...

WordPress Permalink Manager Lit and Permalink Manager Pro plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in WordPress Permalink Manager Lite and Permalink Manager Pro plugins prior to version 2.2.15, which stems from the plugin's failure to clean up and...

CVE-2022-0201

The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue...

CVE-2022-0201

The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue...

CVE-2022-0201

The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue...