Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:50 a.m.7 views

CVE-2023-2067

The Announcement & Notification Banner – Bulletin plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce validation on the 'bulletinwpupdatebulletinstatus', 'bulletinwpupdatebulletin', 'bulletinwpupdatesettings', 'bulletinwpupdatestatus',...

6.3CVSS6.5AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2023/06/09 5:33 a.m.52 views

CVE-2023-2067

Summary (CVE-2023-2067) The WordPress plugin Announcement & Notification Banner – Bulletin (Bulletin) suffers a CSRF flaw from missing nonce validation in admin AJAX handlers: bulletinwp_update_bulletin_status, bulletinwp_update_bulletin, bulletinwp_update_settings, bulletinwp_update_status, bull...

6.3CVSS6.1AI score0.00288EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/09 5:33 a.m.25 views

CVE-2023-2067 Announcement & Notification Banner – Bulletin <= 3.7.0 - Cross-Site Request Forgery

The Announcement & Notification Banner – Bulletin plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce validation on the 'bulletinwpupdatebulletinstatus', 'bulletinwpupdatebulletin', 'bulletinwpupdatesettings', 'bulletinwpupdatestatus',...

6.3CVSS6.7AI score0.00288EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/05/11 12:0 a.m.16 views

WordPress WordPress Announcement & Notification Banner Plugin – Bulletin Plugin <= 3.7.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software WordPress Announcement & Notification Banner Plugin – Bulletin Type Plugin Vulnerable versions = 3.7.0 Fixed in 3.7.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-2067 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership...

6.3CVSS6.9AI score0.00288EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder