4 matches found
EUVD-2023-57849
Malicious code in bioql PyPI...
CVE-2023-5537
The Delete Usermeta plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing nonce validation on the delumetoptionspage function. This makes it possible for unauthenticated attackers to remove user meta for arbitrary users vi...
Cross site request forgery (csrf)
The Delete Usermeta plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing nonce validation on the delumetoptionspage function. This makes it possible for unauthenticated attackers to remove user meta for arbitrary users vi...
PT-2023-32162 · WordPress · Delete Usermeta
Name of the Vulnerable Software and Affected Versions: Delete Usermeta plugin for WordPress versions up to, and including, 1.1.2 Description: The issue is due to missing nonce validation on the delumet options page function, making it possible for unauthenticated attackers to remove user meta for...