14 matches found
CVE-2024-4480
The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-4480
The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-4751
CVE-2024-4751 relates to the WP Prayer II WordPress plugin (
CVE-2024-4751 WP Prayer II <= 2.4.7 - Settings Update via CSRF
The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-4751 WP Prayer II <= 2.4.7 - Settings Update via CSRF
The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-4480
CVE-2024-4480 concerns the WP Prayer II WordPress plugin (
CVE-2024-4480 WP Prayer II <= 2.4.7 - Email Settings Update via CSRF
The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
WordPress plugin WP Prayer II security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin WP Prayer II security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress WP Prayer II plugin <= 2.4.7 - CSRF Leading to Plugin Settings Change vulnerability
CSRF Leading to Plugin Settings Change vulnerability discovered by Bob Matyas in WordPress Plugin WP Prayer II versions = 2.4.7...
WordPress WP Prayer II plugin <= 2.4.7 - CSRF Leading to Email Settings Change vulnerability
CSRF Leading to Email Settings Change vulnerability discovered by Bob Matyas in WordPress Plugin WP Prayer II versions = 2.4.7...
WordPress WP Prayer II Plugin <= 2.4.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Prayer II Type Plugin Vulnerable versions = 2.4.7 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4751 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 83189cce9a46 Credits Bob Matyas Required...
WP Prayer II <= 2.4.7 - Settings Update via CSRF
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC Have an admin open an HTML file containing:...
WordPress WP Prayer II Plugin <= 2.4.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Prayer II Type Plugin Vulnerable versions = 2.4.7 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4480 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4976d5ae1cf6 Credits Bob Matyas Required...