5 matches found
EUVD-2023-54811
Malicious code in bioql PyPI...
CVE-2023-4975
The Website Builder by SeedProd plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.15.13.1. This is due to missing or incorrect nonce validation on functionality in the builder.php file. This makes it possible for unauthenticated attackers to chan...
CVE-2023-4975
The Website Builder by SeedProd plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.15.13.1. This is due to missing or incorrect nonce validation on functionality in the builder.php file. This makes it possible for unauthenticated attackers to chan...
Cross site request forgery (csrf)
The Website Builder by SeedProd plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.15.13.1. This is due to missing or incorrect nonce validation on functionality in the builder.php file. This makes it possible for unauthenticated attackers to chan...
CVE-2023-4975
CVE-2023-4975 affects WordPress: Website Builder by SeedProd (Coming Soon/Theme Builder) up to version 6.15.13.1. The issue is CSRF in builder.php due to missing/incorrect nonce validation, enabling unauthenticated attackers to cause a settings update (e.g., changing the Stripe Connect token) by ...