19 matches found
EUVD-2023-59021
Malicious code in bioql PyPI...
EUVD-2024-31390
Malicious code in bioql PyPI...
CVE-2024-33678
Cross-Site Request Forgery CSRF vulnerability in eranfl ClickCease Click Fraud Protection clickcease-click-fraud-protection.This issue affects ClickCease Click Fraud Protection: from n/a through = 3.2.7...
CVE-2023-6810
The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the getsettings function in all versions up to, and including, 3.2.4. This makes it possible for authenticated attackers, with author access and above, to...
CVE-2023-6810
The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the getsettings function in all versions up to, and including, 3.2.4. This makes it possible for authenticated attackers, with author access and above, to...
CVE-2023-6810 ClickCease Click Fraud Protection <= 3.2.4 - Improper Authorization to sensitive information exposure via get_settings
The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the getsettings function in all versions up to, and including, 3.2.4. This makes it possible for authenticated attackers, with author access and above, to...
CVE-2023-6810 ClickCease Click Fraud Protection <= 3.2.4 - Improper Authorization to sensitive information exposure via get_settings
The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the getsettings function in all versions up to, and including, 3.2.4. This makes it possible for authenticated attackers, with author access and above, to...
CVE-2023-6810
The CVE describes CVE-2023-6810: ClickCease Click Fraud Protection (WordPress) has an improper capability check in get_settings, allowing authenticated users with author access and above to retrieve the plugin’s API keys. Affected versions are up to 3.2.4. The Red Hat entry and Wordfence state th...
WordPress plugin ClickCease Click Fraud Protection 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress ClickCease Click Fraud Protection plugin <= 3.2.4 - Improper Authorization to sensitive information exposure via get_settings vulnerability
Improper Authorization to sensitive information exposure via getsettings vulnerability discovered by Francesco Carlucci in WordPress Plugin ClickCease Click Fraud Protection versions = 3.2.4...
WordPress ClickCease Click Fraud Protection Plugin <= 3.2.4 is vulnerable to Sensitive Data Exposure
Software ClickCease Click Fraud Protection Type Plugin Vulnerable versions = 3.2.4 Fixed in 3.2.5 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6810 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3a24e46ebbd4 Credits Francesc...
ClickCease Click Fraud Protection < 3.2.5 - Improper Authorization to sensitive information exposure via get_settings
Description The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the getsettings function in all versions up to, and including, 3.2.4. This makes it possible for authenticated attackers, with author access a...
CVE-2024-33678
Cross-Site Request Forgery CSRF vulnerability in eranfl ClickCease Click Fraud Protection clickcease-click-fraud-protection.This issue affects ClickCease Click Fraud Protection: from n/a through = 3.2.7...
CVE-2024-33678 WordPress ClickCease Click Fraud Protection plugin <= 3.2.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in eranfl ClickCease Click Fraud Protection clickcease-click-fraud-protection.This issue affects ClickCease Click Fraud Protection: from n/a through = 3.2.7...
CVE-2024-33678 WordPress ClickCease Click Fraud Protection plugin <= 3.2.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ClickCease ClickCease Click Fraud Protection.This issue affects ClickCease Click Fraud Protection: from n/a through 3.2.4...
CVE-2024-33678
CVE-2024-33678 corresponds to a Cross-Site Request Forgery (CSRF) vulnerability in the ClickCease Click Fraud Protection plugin by eranfl. Public records note this affects ClickCease Click Fraud Protection releases up to version 3.2.7 (no fixed version disclosed in the provided documents). The Re...
WordPress plugin ClickCease Click Fraud Protection 跨站请求伪造漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists...
WordPress ClickCease Click Fraud Protection Plugin <= 3.2.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software ClickCease Click Fraud Protection Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-33678 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c376a3fb1460 Credits...
PT-2024-25433 · Clickcease · Clickcease Click Fraud Protection
Name of the Vulnerable Software and Affected Versions: ClickCease Click Fraud Protection versions n/a through 3.2.4 Description: A Cross-Site Request Forgery CSRF issue affects ClickCease Click Fraud Protection. This type of issue allows an attacker to perform unintended actions on a web...