Lucene search
K

6 matches found

NVD
NVD
added 2023/03/27 4:15 p.m.19 views

CVE-2023-0500

The WP Film Studio WordPress plugin before 1.3.5 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

6.5CVSS6.4AI score0.00307EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/03/27 3:37 p.m.6 views

CVE-2023-0500 WP Film Studio < 1.3.5 - Arbitrary Plugin Activation via CSRF

The WP Film Studio WordPress plugin before 1.3.5 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

6.7AI score0.00307EPSS
Exploits2References1
CVE
CVE
added 2023/03/27 3:37 p.m.55 views

CVE-2023-0500

The CVE CVE-2023-0500 concerns the WordPress plugin WP Film Studio, affected versions up to and including 1.3.4. The underlying issue is the absence of a CSRF check when activating plugins, enabling a CSRF attack to force logged-in admins to activate arbitrary plugins on the blog. Impact is tied ...

6.5CVSS6.3AI score0.00307EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/03/27 3:37 p.m.26 views

CVE-2023-0500 WP Film Studio < 1.3.5 - Arbitrary Plugin Activation via CSRF

The WP Film Studio WordPress plugin before 1.3.5 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

6.6AI score0.00307EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/03/27 12:0 a.m.6 views

PT-2023-16312 · Unknown · Wp Film Studio

Name of the Vulnerable Software and Affected Versions: WP Film Studio version 1.3.4 and earlier Description: The issue concerns a lack of CSRF check when activating plugins, which could allow attackers to make logged-in admins activate arbitrary plugins present on the blog via a CSRF attack...

6.5CVSS6.9AI score0.00307EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.9 views

WordPress plugin WP Film Studio 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

6.5CVSS6.9AI score0.00307EPSS
Exploits2References3
Rows per page
Query Builder