CVE-2024-10045

The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the processactions function. This makes it possible for unauthenticated attackers to delete transients via a...

CVE-2024-10045

The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the processactions function. This makes it possible for unauthenticated attackers to delete transients via a...

CVE-2024-10045 Transients Manager <= 2.0.6 - Cross-Site Request Forgery

The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the processactions function. This makes it possible for unauthenticated attackers to delete transients via a...

CVE-2024-10045

CVE-2024-10045 affects the WordPress plugin Transients Manager (versions

CVE-2024-10045 Transients Manager <= 2.0.6 - Cross-Site Request Forgery

The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the processactions function. This makes it possible for unauthenticated attackers to delete transients via a...

PT-2024-15993 · WordPress · Transients Manager

Name of the Vulnerable Software and Affected Versions: Transients Manager plugin for WordPress version 2.0.6 and earlier Description: The issue is due to missing or incorrect nonce validation on the process actions function, making it possible for unauthenticated attackers to delete transients vi...

WordPress plugin Transients Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress Transients Manager plugin <= 2.0.6 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by David Gallagher BatFeats in WordPress Plugin Transients Manager versions = 2.0.6...

WordPress Transients Manager Plugin <= 2.0.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Transients Manager Type Plugin Vulnerable versions = 2.0.6 Fixed in 2.0.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-10045 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3cec6ef3dda4 Credits David Gallagher...