8 matches found
CVE-2020-36738
The Cool Timeline Horizontal & Vertical Timeline plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the ctlsave function. This makes it possible for unauthenticated attackers to save fie...
CVE-2020-36738
The Cool Timeline Horizontal & Vertical Timeline plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the ctlsave function. This makes it possible for unauthenticated attackers to save fie...
CVE-2020-36738
The CVE pertains to the WordPress plugin Cool Timeline (Horizontal & Vertical Timeline). A CSRF vulnerability exists in versions up to 2.0.2 due to missing or incorrect nonce validation in the ctl_save() function, enabling unauthenticated attackers to save field icons via forged requests if they ...
CVE-2020-36738 Cool Timeline (Horizontal & Vertical Timeline) <= 2.0.2 - Cross-Site Request Forgery Bypass
The Cool Timeline Horizontal & Vertical Timeline plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the ctlsave function. This makes it possible for unauthenticated attackers to save fie...
CVE-2020-36738 Cool Timeline (Horizontal & Vertical Timeline) <= 2.0.2 - Cross-Site Request Forgery Bypass
The Cool Timeline Horizontal & Vertical Timeline plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the ctlsave function. This makes it possible for unauthenticated attackers to save fie...
WordPress Plugin Cool Timeline 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress Cool Timeline plugin <= 2.3.3 - Arbitrary Plugin Activation vulnerability
Arbitrary Plugin Activation vulnerability discovered by Jerome Bruandet NinTechNet in WordPress Cool Timeline plugin versions = 2.3.3. Solution Update the WordPress Cool Timeline plugin to the latest available version at least 2.4...
WordPress Cool Timeline plugin <= 2.3.3 - Arbitrary Plugin Installation vulnerability
Arbitrary Plugin Installation vulnerability discovered by Jerome Bruandet NinTechNet in WordPress Cool Timeline plugin versions = 2.3.3. Solution Update the WordPress Cool Timeline plugin to the latest available version at least 2.4...