4 matches found
WordPress Advanced AJAX Page Loader Plugin <= 2.7.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Advanced AJAX Page Loader Type Plugin Vulnerable versions = 2.7.7 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6310 Patch priority Low CVSS severity Low 9.6 Developer Claim ownership PSID b14ebfbe3313 Credits István Márto...
CVE-2016-10929
The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in...
CVE-2016-10929
The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in...
CVE-2016-10929
The CVE-2016-10929 entry concerns the WordPress plugin “advanced-ajax-page-loader” prior to version 2.7.7. The vulnerability is that there is no protection against reading uploaded files when the user is not logged in, enabling unauthenticated access to uploaded content. The available connected d...