4 matches found
CVE-2023-0763
creationtimestamp| type| source ---|---|--- 2023-05-15 16:43:13+00:00| seen| https://t.me/cibsecurity/64123 2025-01-24 21:05:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3024...
CVE-2023-0763
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack...
CVE-2023-0763 Clock In Portal <= 2.1 - Holidays Deletion via CSRF
The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack...
CVE-2023-0763
CVE-2023-0763 concerns the Clock In Portal – Staff & Attendance Management WordPress plugin (≤ v2.1). The vulnerability stems from a missing CSRF check when deleting Holidays, enabling a logged-in attacker to trigger a CSRF attack that could cause admins to delete arbitrary holidays. The provided...