Lucene search
K

4 matches found

Cvelist
Cvelist
added 2024/09/12 6:0 a.m.22 views

CVE-2024-7862 Blog Introduction <= 0.3.0 - Settings Update via CSRF

The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

0.0019EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/12 6:0 a.m.11 views

CVE-2024-7862 Blog Introduction <= 0.3.0 - Settings Update via CSRF

The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.8AI score0.0019EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/08/27 1:36 a.m.4 views

WordPress Blog Introduction plugin <= 0.3.0 - Settings Update via CSRF vulnerability

Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Blog Introduction versions = 0.3.0...

6.5CVSS7AI score0.0019EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/08/27 12:0 a.m.10 views

WordPress Blog Introduction Plugin <= 0.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Blog Introduction Type Plugin Vulnerable versions = 0.3.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7862 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b5cd399b1013 Credits Daniel Ruf Required...

6.5CVSS6.7AI score0.0019EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder