2 matches found
WordPress WebwinkelKeur Plugin <= 3.24 is vulnerable to Cross Site Request Forgery (CSRF)
Software WebwinkelKeur Type Plugin Vulnerable versions = 3.24 Fixed in 3.25 OWASP Top 10 A2: Broken Authentication Classification Cross Site Request Forgery CSRF CVE CVE-2023-36691 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 3b517566e749 Credits qilin99 Required...
WordPress Zendrop – Global Dropshipping Plugin <= 1.0.0 is vulnerable to Arbitrary File Upload
Software Zendrop – Global Dropshipping Type Plugin Vulnerable versions = 1.0.0 Fixed in 1.0.1 OWASP Top 10 A2: Broken Authentication Classification Arbitrary File Upload CVE CVE-2023-25970 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 180f30af21a8 Credits Dave Jong...