10 matches found
EUVD-2023-58444
Malicious code in bioql PyPI...
EUVD-2023-58445
Malicious code in bioql PyPI...
CVE-2023-6197
The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the audiomerchantsavesettings function. This makes it possible for unauthenticated attackers to modify the...
CVE-2023-6196
The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the function audiomerchantaddaudiofile function. This makes it possible for unauthenticated attackers to upload...
CVE-2023-6197
The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the audiomerchantsavesettings function. This makes it possible for unauthenticated attackers to modify the...
CVE-2023-6196
The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the function audiomerchantaddaudiofile function. This makes it possible for unauthenticated attackers to upload...
CVE-2023-6196
CVE-2023-6196 (Audio Merchant, WordPress) : The vulnerability is a Cross-Site Request Forgery in all versions up to 5.0.4 caused by missing or incorrect nonce validation in audio_merchant_add_audio_file. This permits unauthenticated attackers to upload arbitrary files by tricking an administrator...
CVE-2023-6196 Audio Merchant <= 5.0.4 - Cross-Site Request Forgery to Arbitrary File Upload
The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the function audiomerchantaddaudiofile function. This makes it possible for unauthenticated attackers to upload...
WordPress Plugin Audio Merchant Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Audio Merchant 5.0...
PT-2023-32562 · WordPress · Audio Merchant
Name of the Vulnerable Software and Affected Versions: The Audio Merchant plugin for WordPress versions up to, and including, 5.0.4 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the audio merchant add audio file function. This allo...