3 matches found
CVE-2024-0892 Schema App Structured Data <= 2.2.0 - Cross-Site Request Forgery
The Schema App Structured Data plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the MarkUpdate function. This makes it possible for unauthenticated attackers to update and delete...
CVE-2024-0892 Schema App Structured Data <= 2.2.0 - Cross-Site Request Forgery
The Schema App Structured Data plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the MarkUpdate function. This makes it possible for unauthenticated attackers to update and delete...
WordPress Schema App Structured Data Plugin <= 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Schema App Structured Data Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0892 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c2993c18775c Credits Francesco...