2 matches found
CVE-2024-1162
CVE-2024-1162 overview (Orbit Fox, ThemeIsle, WordPress) : The Orbit Fox plugin (ThemeIsle) for WordPress is vulnerable to Cross-Site Forgery via a missing/incorrect nonce validation in the register_reference() function, affecting versions up to and including 2.10.29. This CSRF flaw can allow una...
WordPress Orbit Fox by ThemeIsle Plugin <= 2.10.29 is vulnerable to Cross Site Request Forgery (CSRF)
Software Orbit Fox by ThemeIsle Type Plugin Vulnerable versions = 2.10.29 Fixed in 2.10.230 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1162 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4eb624d90158 Credits Francesc...