4 matches found
CVE-2024-7862 Blog Introduction <= 0.3.0 - Settings Update via CSRF
The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-7862 Blog Introduction <= 0.3.0 - Settings Update via CSRF
The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
WordPress Blog Introduction plugin <= 0.3.0 - Settings Update via CSRF vulnerability
Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Blog Introduction versions = 0.3.0...
WordPress Blog Introduction Plugin <= 0.3.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Blog Introduction Type Plugin Vulnerable versions = 0.3.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7862 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b5cd399b1013 Credits Daniel Ruf Required...