Lucene search
+L

4 matches found

Circl
Circl
added 2025/03/08 11:36 a.m.11 views

CVE-2024-11640

creationtimestamp| type| source ---|---|--- 2025-03-08 11:36:22+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6943 2025-03-08 13:48:53+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114127125396045176 2025-03-08 15:11:24+00:00| seen| https://t.me/cvedetector/19904 2025-03-...

8.8CVSS8.7AI score0.00301EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/08 11:16 a.m.21 views

CVE-2024-11640 VikRentCar Car Rental Management System <= 1.4.2 - Cross-Site Request Forgery to Authenticated (Subscriber+) Arbitrary File Upload

The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the 'save' function. This makes it possible for unauthenticated attackers to change...

8.8CVSS0.00301EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/08 11:16 a.m.8 views

CVE-2024-11640 VikRentCar Car Rental Management System <= 1.4.2 - Cross-Site Request Forgery to Authenticated (Subscriber+) Arbitrary File Upload

The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the 'save' function. This makes it possible for unauthenticated attackers to change...

8.8CVSS8.8AI score0.00301EPSS
Exploits0References2
CVE
CVE
added 2025/03/08 11:16 a.m.62 views

CVE-2024-11640

The VikRentCar Car Rental Management System WordPress plugin (versions up to 1.4.2) is affected by a Cross-Site Request Forgery (CSRF) due to missing/incorrect nonce validation on the save function. This enables unauthenticated attackers to manipulate plugin access via forged requests that trick ...

8.8CVSS8.8AI score0.00301EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder