23 matches found
PT-2024-33584 · WordPress · Endless Posts Navigation
Name of the Vulnerable Software and Affected Versions: Endless Posts Navigation versions n/a through 2.2.7 Description: A Cross-Site Request Forgery CSRF issue in Endless Posts Navigation allows Stored XSS. This means an attacker can perform actions on behalf of a user without their knowledge,...
WordPress Endless Posts Navigation plugin <= 2.2.7 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Endless Posts Navigation versions = 2.2.7...
WordPress Endless Posts Navigation Plugin <= 2.2.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Endless Posts Navigation Type Plugin Vulnerable versions = 2.2.7 Fixed in 2.2.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-49629 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6c607ad01f6a Credits...