EUVD-2022-25108

Malicious code in bioql PyPI...

CVE-2022-1832

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

WordPress CaPa Protect plugin cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress CaPa Protect plugin is vulnerable to cross-site request forgery, which stems from the failu...

CVE-2022-1832

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

CVE-2022-1832

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

CVE-2022-1832

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

Cross site request forgery (csrf)

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

CVE-2022-1832

The CVE-2022-1832 entry concerns the CaPa Protect WordPress plugin (versions up to 0.5.8.2). The vulnerability arises from a missing CSRF check when updating settings, enabling a logged-in attacker to coerce an admin into changing settings and potentially disable the protection. Exploitation is v...

CVE-2022-1832 CaPa Protect <= 0.5.8.2 - Arbitrary Settings Update via CSRF

The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection...

WordPress plugin CaPa Protect 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress CaPa Protect plugin is vulnerable to cross-site request forgery, which stems from the failu...

CaPa Protect <= 0.5.8.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection. HTMLFormElement.prototype.submit.call document.getElementById"test" ;...

WordPress CaPa Protect plugin <= 0.5.8.2 - Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Settings Update via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress CaPa Protect plugin versions = 0.5.8.2. Solution Deactivate and delete. This plugin has been closed as of May 23, 2022 and is not available for download. This closure is temporary,...