3 matches found
CVE-2024-0428
creationtimestamp| type| source ---|---|--- 2024-02-05 23:31:30+00:00| seen| https://t.me/ctinow/179601...
CVE-2024-0428
CVE-2024-0428 concerns the WordPress plugin Index Now. A CSRF vulnerability exists in all versions up to 2.6.3 caused by missing or improper nonce validation in the reset_form function, enabling unauthenticated attackers to delete arbitrary site options via a forged request if a site admin is tri...
WordPress Index Now Plugin <= 2.6.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Index Now Type Plugin Vulnerable versions = 2.6.3 Fixed in 2.6.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0428 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 1df75eded923 Credits Francesco Carlucci Require...