CVE-2024-3824

The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

CVE-2024-4758

The Muslim Prayer Time BD WordPress plugin through 2.4 does not have CSRF check in place when reseting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

CVE-2021-25092

The Link Library WordPress plugin before 7.2.8 does not have CSRF check when resetting library settings, allowing attackers to make a logged in admin reset arbitrary settings via a CSRF attack...

CVE-2024-10634

The CVE-2024-10634 entry concerns the Nokaut Offers Box WordPress plugin (versions ≤ 1.4.0). Affected component: plugin settings update logic lacking CSRF protection, enabling a CSRF attack that could cause a logged-in administrator to reset the plugin. Exploitation details are not provided beyon...

CVE-2024-13580

The XV Random Quotes WordPress plugin through 1.40 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

CVE-2024-13580

The CVE-2024-13580 vulnerability affects the XV Random Quotes WordPress plugin (