6 matches found
CVE-2024-43338
CVE-2024-43338 is a CSRF vulnerability in Crowdsignal Dashboard – Polls, Surveys & more (WordPress plugin Crowdsignal) affecting versions up to and including 3.1.2. The issue permits Cross Site Request Forgery with CVSS v3.1 base score 4.3 (Medium). Connected Patchstack entries classify the vulne...
CVE-2023-51489
Cross-Site Request Forgery CSRF vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0.11...
CVE-2023-51489
CVE-2023-51489 is a CSRF vulnerability in the Crowdsignal Dashboard – Polls, Surveys & more by Automattic. The Red Hat advisory confirms the issue as Cross-Site Forgery in Crowdsignal Dashboard – Polls, Surveys & more, affecting Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0....
CVE-2023-51489 WordPress Crowdsignal Polls & Ratings plugin <= 3.0.11 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0.11...
CVE-2023-51488
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more allows Reflected XSS.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0.11...
JVN#56787058: WordPress plugin "WP Job Manager" fails to restrict access permissions
The WordPress plugin "WP Job Manager" provided by Automattic Inc. fails to restrict access permissions. Impact A remote unauthenticated attacker may upload an image file to the server. Solution Update the plugin Update the plugin according to the information provided by the developer. According t...