2 matches found
CVE-2024-10045 Transients Manager <= 2.0.6 - Cross-Site Request Forgery
The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the processactions function. This makes it possible for unauthenticated attackers to delete transients via a...
WordPress Transients Manager Plugin <= 2.0.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Transients Manager Type Plugin Vulnerable versions = 2.0.6 Fixed in 2.0.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-10045 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3cec6ef3dda4 Credits David Gallagher...