Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:37 p.m.7 views

CVE-2020-36744

The NotificationX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.2. This is due to missing or incorrect nonce validation on the generateconversions function. This makes it possible for unauthenticated attackers to generate conversions via a...

4.3CVSS6.5AI score0.00388EPSS
Exploits0References1
NVD
NVD
added 2023/07/01 5:15 a.m.14 views

CVE-2020-36744

The NotificationX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.2. This is due to missing or incorrect nonce validation on the generateconversions function. This makes it possible for unauthenticated attackers to generate conversions via a...

4.3CVSS4.2AI score0.00388EPSS
Exploits0References9
Cvelist
Cvelist
added 2023/07/01 4:26 a.m.26 views

CVE-2020-36744 NotificationX <= 1.8.2 - Cross-Site Request Forgery Bypass

The NotificationX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.2. This is due to missing or incorrect nonce validation on the generateconversions function. This makes it possible for unauthenticated attackers to generate conversions via a...

4.3CVSS4.3AI score0.00388EPSS
Exploits0References9
CVE
CVE
added 2023/07/01 4:26 a.m.33 views

CVE-2020-36744

The CVE-2020-36744 entry concerns the WordPress NotificationX plugin, affected in versions up to 1.8.2. The root cause is missing or incorrect nonce validation in the generate_conversions() function, enabling CSRF where unauthenticated attackers can induce conversions via forged requests if a sit...

4.3CVSS4.2AI score0.00388EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder