Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/23 1:53 a.m.7 views

CVE-2023-2495

The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or nonce checks in the cyrtransajaxold AJAX action, allowing unauthenticated and low-privilege users to trigger the plugin's functionality to change Post slugs either directly or through CSRF...

4.3CVSS6.8AI score0.00267EPSS
Exploits2References1
cvelist
cvelist
added 2023/07/10 12:40 p.m.29 views

CVE-2023-2495 Greeklish-permalink < 3.5 - Unauthenticated Post Slug Update

The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or nonce checks in the cyrtransajaxold AJAX action, allowing unauthenticated and low-privilege users to trigger the plugin's functionality to change Post slugs either directly or through CSRF...

5AI score0.00267EPSS
Exploits2References1
cve
cve
added 2023/07/10 12:40 p.m.46 views

CVE-2023-2495

CVE-2023-2495 concerns the Greeklish-permalink WordPress plugin (≤ 3.3). The vulnerability arises from missing authorization/nonce checks in the cyrtrans_ajax_old AJAX action, enabling unauthenticated and low-privilege users to trigger the plugin’s slug-changing function, directly or via CSRF. Th...

4.3CVSS4.9AI score0.00267EPSS
Exploits2References1Affected Software1
patchstack
patchstack
added 2023/06/21 12:0 a.m.14 views

WordPress Greeklish-permalink Plugin <= 3.3 is vulnerable to Privilege Escalation

Software Greeklish-permalink Type Plugin Vulnerable versions = 3.3 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Privilege Escalation CVE CVE-2023-2495 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID fc7e9236dbd8 Credits Jonas Höbenreich Required...

4.3CVSS6.5AI score0.00267EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder