10 matches found
CVE-2023-49839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
CVE-2023-49838
Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...
CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme
Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...
CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme
Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...
CVE-2023-49838
CVE-2023-49838 : CSRF in KlbTheme themes (Clotya up to 1.1.6; Cosmetsy up to 1.7.7; Furnob up to 1.2.2; Bacola up to 1.3.3; Partdo up to 1.1.1; Medibazar up to 1.8.6; Machic up to 1.2.8). Root cause per description: missing CSRF checks in some locations, enabling unauthorized actions via forged r...
CVE-2023-49839 Reflected Cross-Site Scripting vulnerability in multiple WordPress components by KlbTheme
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
CVE-2023-49839
CVE-2023-49839 is a reflected XSS in KlbTheme core plugins (Cosmetsy, Partdo, Bacola, Medibazar, Furnob, Clotya) caused by improper neutralization of input during web page generation. Affected versions include Cosmetsy up to 1.3.0; Partdo up to 1.0.9; Bacola up to 1.3.3; Medibazar up to 1.2.3; Fu...
CVE-2023-49839 Reflected Cross-Site Scripting vulnerability in multiple WordPress components by KlbTheme
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KlbTheme Cosmetsy theme core plugin, KlbTheme Partdo theme core plugin, KlbTheme Bacola theme core plugin, KlbTheme Medibazar theme core plugin, KlbTheme Furnob theme core plugin, KlbTheme Clotya...
PT-2024-13814 · Klbtheme · Klbtheme Medibazar +6
Name of the Vulnerable Software and Affected Versions: KlbTheme Clotya theme versions 1.1.6 and earlier KlbTheme Cosmetsy theme versions 1.7.7 and earlier KlbTheme Furnob theme versions 1.2.2 and earlier KlbTheme Bacola theme versions 1.3.3 and earlier KlbTheme Partdo theme versions 1.1.1 and...
WordPress Clotya Theme <= 1.1.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Clotya Type Theme Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49838 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e7b0b3057668 Credits RE-ALTER Required privilege...