4 matches found
CVE-2022-36424
Cross-Site Request Forgery CSRF vulnerability in Nikola Loncar Easy Appointments plugin = 3.11.9 versions...
CVE-2022-36424
CVE-2022-36424 documents a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Easy Appointments, affecting versions up to and including 3.11.9. The issue, caused by insufficient CSRF protection for multiple AJAX actions, could allow an attacker to trigger unintended actions o...
CVE-2022-36424 WordPress Easy Appointments Plugin <= 3.11.9 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Nikola Loncar Easy Appointments plugin = 3.11.9 versions...
WordPress Easy Appointments Plugin <= 3.11.9 is vulnerable to Cross Site Request Forgery (CSRF)
Software Easy Appointments Type Plugin Vulnerable versions = 3.11.9 Fixed in 3.11.10 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-36424 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7ad0fdcdf557 Credits István Márton...