Lucene search
K

6 matches found

EUVD
EUVD
added 2026/05/12 9:31 a.m.21 views

EUVD-2026-29409

The Skysa Text Ticker App plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the SkysaAppsAdminAppPage function. This makes it possible for unauthenticated attackers to trick a site...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:48 a.m.9 views

CVE-2026-6710

The Skysa Text Ticker App plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the SkysaAppsAdminAppPage function. This makes it possible for unauthenticated attackers to trick a site...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/12 7:48 a.m.6 views

CVE-2026-6710 Skysa Text Ticker App <= 1.4 - Cross-Site Request Forgery to Settings Modification via 'Save Settings' Form

The Skysa Text Ticker App plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the SkysaAppsAdminAppPage function. This makes it possible for unauthenticated attackers to trick a site...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/12 7:48 a.m.65 views

CVE-2026-6710 Skysa Text Ticker App <= 1.4 - Cross-Site Request Forgery to Settings Modification via 'Save Settings' Form

The Skysa Text Ticker App plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the SkysaAppsAdminAppPage function. This makes it possible for unauthenticated attackers to trick a site...

4.3CVSS0.00128EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-39964

The Skysa Text Ticker App plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the SkysaApps Admin AppPage function. This makes it possible for unauthenticated attackers to trick a site...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/05/11 7:4 p.m.8 views

WordPress Skysa Text Ticker App plugin <= 1.4 - Cross-Site Request Forgery to Settings Modification vulnerability

Cross-Site Request Forgery to Settings Modification vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Skysa Text Ticker App versions = 1.4...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder