Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:53 a.m.6 views

CVE-2023-2495

The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or nonce checks in the cyrtransajaxold AJAX action, allowing unauthenticated and low-privilege users to trigger the plugin's functionality to change Post slugs either directly or through CSRF...

4.3CVSS6.8AI score0.00267EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/07/10 12:40 p.m.27 views

CVE-2023-2495 Greeklish-permalink < 3.5 - Unauthenticated Post Slug Update

The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or nonce checks in the cyrtransajaxold AJAX action, allowing unauthenticated and low-privilege users to trigger the plugin's functionality to change Post slugs either directly or through CSRF...

5AI score0.00267EPSS
Exploits2References1
CVE
CVE
added 2023/07/10 12:40 p.m.46 views

CVE-2023-2495

CVE-2023-2495 concerns the Greeklish-permalink WordPress plugin (≤ 3.3). The vulnerability arises from missing authorization/nonce checks in the cyrtrans_ajax_old AJAX action, enabling unauthenticated and low-privilege users to trigger the plugin’s slug-changing function, directly or via CSRF. Th...

4.3CVSS4.9AI score0.00267EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/06/21 12:0 a.m.13 views

WordPress Greeklish-permalink Plugin <= 3.3 is vulnerable to Privilege Escalation

Software Greeklish-permalink Type Plugin Vulnerable versions = 3.3 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Privilege Escalation CVE CVE-2023-2495 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID fc7e9236dbd8 Credits Jonas Höbenreich Required...

4.3CVSS6.5AI score0.00267EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder