WordPress plugin WP-Recall Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

CVE-2024-1175

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'deletepayment' function in all versions up to, and including, 16.26.6. This makes it possible for unauthenticated attackers to delete...

WordPress WP-Recall plugin <= 16.26.6 - Unauthenticated Payment Deletion via delete_payment vulnerability

Unauthenticated Payment Deletion via deletepayment vulnerability discovered by Francesco Carlucci in WordPress Plugin WP-Recall versions = 16.26.6...

PT-2024-17229 · WordPress · Wp-Recall

Name of the Vulnerable Software and Affected Versions: WP-Recall – Registration, Profile, Commerce & More plugin for WordPress versions up to, and including, 16.26.6 Description: The issue is related to unauthorized loss of data due to a missing capability check on the delete payment function. Th...

WordPress WP-Recall plugin <= 16.26.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin WP-Recall versions = 16.26.6...