6 matches found
EUVD-2023-54122
Malicious code in bioql PyPI...
CVE-2023-4251
The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks...
CVE-2023-4251 EventPrime < 3.2.0 - Booking Creation via CSRF
The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks...
CVE-2023-4251 EventPrime < 3.2.0 - Booking Creation via CSRF
The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks...
CVE-2023-5519 EventPrime < 3.2.0 - Booking Creation via CSRF
The EventPrime WordPress plugin before 3.2.0 does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks...
EventPrime < 3.2.0 - Booking Creation via CSRF
Description The plugin does not have CSRF checks when creating bookings, which could allow attackers to make logged in users create unwanted bookings via CSRF attacks. Create an Event, noting its ID. Add a ticket type to the Event the details don't matter. As a logged-in user, visit a page with t...