CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2024/05/14 3:39 p.m.•17 views

CVE-2024-34828

Cross-Site Request Forgery CSRF vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.1.32...

4.3CVSS5AI score0.00253EPSS

CVE•added 2024/05/10 8:16 a.m.•29 views

CVE-2024-34828

CVE-2024-34828 is a Cross-Site Request Forgery (CSRF) vulnerability in the Church Admin WordPress plugin. Multiple sources confirm the issue affects Church Admin up to version 4.1.32. The Red Hat entry and Wordfence vulnerability data describe the vulnerability as CSRF/CSRF-like, and the Church A...

4.3CVSS5.9AI score0.00253EPSS

Vulnrichment•added 2024/05/10 8:16 a.m.•14 views

CVE-2024-34828 WordPress Church Admin plugin <= 4.1.32 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.32...

4.3CVSS7AI score0.00253EPSS

Patchstack•added 2024/05/09 12:0 a.m.•11 views

WordPress Church Admin Plugin <= 4.1.32 is vulnerable to Cross Site Request Forgery (CSRF)

Software Church Admin Type Plugin Vulnerable versions = 4.1.32 Fixed in 4.2.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-34828 Patch priority Low CVSS severity Low 4.3 Developer Andy Moyle PSID 2d0beb058c1b Credits Dhabaleshwar Das Required...

4.3CVSS6.6AI score0.00253EPSS

Openbugbounty•added 2024/04/17 2:39 p.m.•13 views

andyharman.com Cross Site Scripting vulnerability OBB-3918626

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

OSV•added 2024/04/15 9:15 a.m.•1 views

CVE-2024-32090

Cross-Site Request Forgery CSRF vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.0.27...

4.3CVSS5.8AI score0.00216EPSS

NVD•added 2024/04/15 9:15 a.m.•7 views

CVE-2024-32090

Cross-Site Request Forgery CSRF vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.0.27...

4.3CVSS4.6AI score0.00216EPSS

CVE•added 2024/04/15 9:2 a.m.•56 views

CVE-2024-32090

CVE-2024-32090 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin Church Admin (Church Admin) up to version 4.0.27. The connected Red Hat advisory and Wordfence vulnerability details confirm CSRF as the root cause and indicate affected software is Church Admin for...

4.3CVSS5.9AI score0.00216EPSS

Patchstack•added 2024/04/11 12:0 a.m.•10 views

WordPress Church Admin Plugin <= 4.0.27 is vulnerable to Cross Site Request Forgery (CSRF)

Software Church Admin Type Plugin Vulnerable versions = 4.0.27 Fixed in 4.0.28 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32090 Patch priority Low CVSS severity Low 4.3 Developer Andy Moyle PSID 74fcfce5e41d Credits Dhabaleshwar Das Required...

4.3CVSS6.6AI score0.00216EPSS

NVD•added 2024/04/07 6:15 p.m.•9 views

CVE-2024-31280

Unrestricted Upload of File with Dangerous Type vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.1.5...

9.9CVSS9.6AI score0.00625EPSS

Positive Technologies•added 2024/04/07 12:0 a.m.•5 views

PT-2024-23926

Name of the Vulnerable Software and Affected Versions Church Admin versions n/a through 4.1.5 Description The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability in Andy Moyle Church Admin. This allows for the upload of files with potentially dangerous types, whic...

9.9CVSS8.2AI score0.00625EPSS

Exploits0References4

Hacker One•added 2024/04/05 3:13 p.m.•55 views

Internet Bug Bounty: CVE-2019-1551: rsaz_512_sqr overflow bug on x86_64

The CVE-2019-1551 vulnerability was an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli in the OpenSSL library. The vulnerability was found and reported by researchers. The issue was mitigated in the 1.1.1 and 1.0.2 versions of OpenSSL...

5.3CVSS5.9AI score0.14298EPSS

Exploits0

VulnCheck KEV•added 2024/04/05 12:0 a.m.•3 views

VulnCheck KEV: CVE-2024-31281

Missing Authorization vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.1.6...

6.3CVSS7.3AI score0.00342EPSS

OSV•added 2024/03/29 3:15 p.m.•2 views

CVE-2024-30505

Missing Authorization vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.18...

5.4CVSS7.3AI score0.00468EPSS

NVD•added 2024/03/29 2:15 p.m.•10 views

CVE-2024-30493

Cross-Site Request Forgery CSRF vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.1.7...

4.3CVSS4.6AI score0.00214EPSS

OSV•added 2024/03/29 2:15 p.m.•1 views

CVE-2024-30493

Cross-Site Request Forgery CSRF vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.7...

4.3CVSS7.3AI score

CVE•added 2024/03/29 2:12 p.m.•56 views

CVE-2024-30505

CVE-2024-30505 is a Missing Authorization vulnerability affecting WordPress Church Admin plugin. Affected versions are Church Admin: n/a through 4.1.18. Reported in connected RH documentation; CVSS v3.1 base score 5.4 (Medium). The issue stems from missing authorization checks, enabling unauthori...

6.5CVSS7.2AI score0.00468EPSS

Vulnrichment•added 2024/03/29 1:51 p.m.•16 views

CVE-2024-30493 WordPress Church Admin plugin <= 4.1.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.7...

4.3CVSS7AI score0.00214EPSS