7 matches found
WordPress Cooked plugin <= 1.7.15.4 - Multiple Cross Site Request Forgery (CSRF) vulnerability
Multiple Cross Site Request Forgery CSRF vulnerability discovered by RE-ALTER in WordPress Plugin Cooked versions = 1.7.15.4...
CVE-2024-39678
Cooked is a recipe plugin for WordPress. The Cooked plugin is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users into performing...
CVE-2024-39682 WordPress Cooked Plugin - Authenticated (Contributor+) HTML Injection via Recipe Excerpt
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.7.15.4 due to insufficient input sanitization and output escaping. This vulnerability allows authenticated attackers with contributor-level access and above...
CVE-2024-39680 WordPress Cooked Plugin - Cross-Site Request Forgery to Default Recipe Template Save
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39678 WordPress Cooked Plugin - Cross-Site Request Forgery to Get Recipe IDs
Cooked is a recipe plugin for WordPress. The Cooked plugin is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users into performing...
PT-2024-28621 · WordPress · Cooked
Name of the Vulnerable Software and Affected Versions: Cooked plugin for WordPress versions up to, and including, 1.7.15.4 Description: The issue is related to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the AJAX action handler. This could allow an attacker to...
WordPress plugin Cooked Pro recipe security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...