Lucene search
K

4 matches found

Circl
Circl
added 2025/01/07 5:16 a.m.8 views

CVE-2024-12170

creationtimestamp| type| source ---|---|--- 2025-01-07 05:16:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vgj2vx62i 2025-01-07 16:41:46+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/469...

5.4CVSS8.7AI score0.00182EPSS
Exploits0References2
NVD
NVD
added 2025/01/07 5:15 a.m.17 views

CVE-2024-12170

The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.15. This is due to missing or incorrect nonce validation on the 'Viewmedica-Admin' page. This makes it possible for unauthenticated attackers to inject arbitrary SQL queries...

5.4CVSS0.00182EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/07 4:22 a.m.15 views

CVE-2024-12170 ViewMedica Embed <= 1.4.15 - Cross-Site Request Forgery to SQL Injection

The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.15. This is due to missing or incorrect nonce validation on the 'Viewmedica-Admin' page. This makes it possible for unauthenticated attackers to inject arbitrary SQL queries...

5.4CVSS0.00182EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/07 4:22 a.m.11 views

CVE-2024-12170 ViewMedica Embed <= 1.4.15 - Cross-Site Request Forgery to SQL Injection

The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.15. This is due to missing or incorrect nonce validation on the 'Viewmedica-Admin' page. This makes it possible for unauthenticated attackers to inject arbitrary SQL queries...

5.4CVSS7.3AI score0.00182EPSS
Exploits0References2
Rows per page
Query Builder