EUVD-2021-11692

Malware in sbrugna...

WordPress Single Post Exporter plugin cross-site request forgery vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . Single Post Exporter plugin is a WordPress open source application plugin. WordPress Single Post Exporter plugin in version 1.1 and earlier contains a cross-site request forgery vulnerability, whic...

CVE-2021-24780

The Single Post Exporter WordPress plugin through 1.1.1 does not have CSRF checks when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and give access to the export feature to any role such as subscriber. Subscriber users would then be able...

CVE-2021-24780

The CVE-2021-24780 entries describe a CSRF vulnerability in the WordPress plugin “Single Post Exporter” versions up to 1.1.1, where saving settings lacks CSRF checks. Root cause: missing CSRF validation in the settings update function, which can let an authenticated attacker change settings and g...

WordPress 插件跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . Single Post Exporter plugin is a WordPress open source application plugin. WordPress Single Post Exporter plugin in version 1.1 and earlier contains a cross-site request forgery vulnerability, whic...

WordPress Single Post Exporter plugin <= 1.1.1 - Cross-Site Request Forgery (CSRF) vulnerability leading to Plugin Settings Update

Cross-Site Request Forgery CSRF vulnerability leading to Plugin Settings Update discovered by Francesco Carlucci in WordPress Single Post Exporter plugin versions = 1.1.1. Solution Deactivate and delete. This plugin has been closed as of September 23, 2021 and is not available for download. This...