6 matches found
CVE-2023-32960
Cross-Site Request Forgery CSRF vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin = 1.23.3 versions leads to sitewide Cross-Site Scripting XSS...
Critical Security Flaw in Social Login Plugin for WordPress Exposes Users' Accounts
A critical security flaw has been disclosed in miniOrange's Social Login and Register plugin for WordPress that could enable a malicious actor to log in as any user-provided information about email address is already known. Tracked as CVE-2023-2982 CVSS score: 9.8, the authentication bypass flaw...
CVE-2023-32960
Cross-Site Request Forgery CSRF vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin = 1.23.3 versions leads to sitewide Cross-Site Scripting XSS...
CVE-2023-32960 WordPress UpdraftPlus Plugin <= 1.23.3 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin = 1.23.3 versions leads to sitewide Cross-Site Scripting XSS...
CVE-2023-32960
CVE-2023-32960 affects the WordPress UpdraftPlus Backup Plugin prior to or up to version 1.23.3. The vulnerability is a CSRF that enables sitewide XSS when exploited by a logged-in user or via crafted requests, as described in multiple sources. The OpenVAS advisory notes a fix path at 1.23.4, whi...
WordPress UpdraftPlus Plugin <= 1.23.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software UpdraftPlus Type Plugin Vulnerable versions = 1.23.3 Fixed in 1.23.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32960 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID d64e914c934f Credits Rafie Muhammad...