4 matches found
CVE-2020-36760
The Ocean Extra plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.5. This is due to missing or incorrect nonce validation on the addcoreextensionsbundlevalidation function. This makes it possible for unauthenticated attackers to validate...
CVE-2020-36760
creationtimestamp| type| source ---|---|--- 2023-07-12 12:35:47+00:00| seen| https://t.me/cibsecurity/66479...
CVE-2020-36760
CVE-2020-36760 affects the Ocean Extra plugin for WordPress (versions up to 1.6.5). The root cause is missing or incorrect nonce validation in the add_core_extensions_bundle_validation() function, enabling Cross-Site Request Forgery. This allows unauthenticated attackers to validate extension bun...
CVE-2020-36760 Ocean Extra <=1.6.5 - Cross-Site Request Forgery Bypass
The Ocean Extra plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.5. This is due to missing or incorrect nonce validation on the addcoreextensionsbundlevalidation function. This makes it possible for unauthenticated attackers to validate...