3 matches found
WordPress Play.ht Plugin <= 3.6.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Play.ht Type Plugin Vulnerable versions = 3.6.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0827 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f23f219c4e4b Credits Francesco Carlucci Required...
CVE-2024-0827
The CVE CVE-2024-0827 affects the WordPress plugin Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio, vulnerable in all versions up to 3.6.4 due to missing or incorrect nonce validation in several functions. This CSRF flaw could allow unauthenticated attackers to invoke those fu...
CVE-2024-0827 Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio <= 3.6.4 - Cross-Site Request Forgery
The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.4. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticat...