6 matches found
CVE-2023-0500
The WP Film Studio WordPress plugin before 1.3.5 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0500 WP Film Studio < 1.3.5 - Arbitrary Plugin Activation via CSRF
The WP Film Studio WordPress plugin before 1.3.5 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0500
The CVE CVE-2023-0500 concerns the WordPress plugin WP Film Studio, affected versions up to and including 1.3.4. The underlying issue is the absence of a CSRF check when activating plugins, enabling a CSRF attack to force logged-in admins to activate arbitrary plugins on the blog. Impact is tied ...
CVE-2023-0500 WP Film Studio < 1.3.5 - Arbitrary Plugin Activation via CSRF
The WP Film Studio WordPress plugin before 1.3.5 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
PT-2023-16312 · Unknown · Wp Film Studio
Name of the Vulnerable Software and Affected Versions: WP Film Studio version 1.3.4 and earlier Description: The issue concerns a lack of CSRF check when activating plugins, which could allow attackers to make logged-in admins activate arbitrary plugins present on the blog via a CSRF attack...
WordPress plugin WP Film Studio 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...