3 matches found
CVE-2024-12003
creationtimestamp| type| source ---|---|--- 2024-12-06 09:36:21+00:00| seen| https://infosec.exchange/users/cve/statuses/113605199823333797 2024-12-06 10:35:57+00:00| seen| https://t.me/cvedetector/12184...
CVE-2024-12003 WP System <= 1.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The WP System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the generatewpsystempagecontent function. This makes it possible for unauthenticated attackers to inject malicious we...
CVE-2024-12003 WP System <= 1.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The WP System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the generatewpsystempagecontent function. This makes it possible for unauthenticated attackers to inject malicious we...