Lucene search
K

5 matches found

EUVD
EUVD
added 2026/04/08 9:32 p.m.6 views

EUVD-2024-33803

The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the saveoption function. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS7.2AI score0.00262EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 6:39 a.m.7 views

CVE-2024-11416

The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the saveoption function. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS6.4AI score0.00262EPSS
Exploits0References1
CVE
CVE
added 2024/11/21 2:6 a.m.47 views

CVE-2024-11416

CVE-2024-11416 affects the WIP Incoming Lite WordPress plugin (versions

6.1CVSS5.9AI score0.00262EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/11/21 12:0 a.m.5 views

WordPress plugin WIP Incoming Lite 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

6.1CVSS8.3AI score0.00262EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/20 12:0 a.m.16 views

WordPress WIP Incoming Lite Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software WIP Incoming Lite Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11416 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d449e884123c Credits SOPROBRO Requir...

6.1CVSS6AI score0.00262EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder