3 matches found
EUVD-2024-44023
Malicious code in bioql PyPI...
CVE-2024-4390
CVE-2024-4390 affects Slider & Popup Builder by Depicter for WordPress. The root cause is Arbitrary Nonce Generation in versions up to 3.0.2, enabling authenticated attackers with contributor-level access to forge nonce for WordPress actions protected by nonce checks. The CVE is rated Medium (CVS...
CVE-2024-4390 Depicter <= 3.0.2 - Authenticated (Contributor+) Arbitrary Nonce Generation
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with contributor access and above, to generate a valid nonce for any WordPress action/functio...