PT-2026-48552

Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation in the cdp action handling AJAX handler. Attackers with an enabled role can delete posts or overwrite plugin settings via the f parameter, bypassing per-function capability checks...

EUVD-2023-50947

Malicious code in bioql PyPI...

CVE-2023-46780

Cross-Site Request Forgery CSRF vulnerability in Alter plugin = 1.0 versions...

CVE-2023-46780

Cross-Site Request Forgery CSRF vulnerability in Alter plugin = 1.0 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Alter plugin = 1.0 versions...

CVE-2023-46780 WordPress Alter Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Alter plugin = 1.0 versions...

CVE-2023-46780

CVE-2023-46780 is a CSRF vulnerability in the WordPress Alter plugin, affecting versions &lt;= 1.0. Root cause: missing or incorrect nonce validation in alter_conf(), enabling unauthenticated forged requests to modify settings. Affected software: Alter plugin for WordPress (

CVE-2023-46780 WordPress Alter Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Alter plugin = 1.0 versions...

PT-2023-30210 · Alter · Alter

Name of the Vulnerable Software and Affected Versions: Alter plugin versions = 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is authenticated to. No...

WordPress Alter Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Alter Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-46780 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d7c76ecb07a9 Credits Skalucy Required privilege...