2 matches found
CVE-2024-12005
The WP-BibTeX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the wpbibtexoptionpage function. This makes it possible for unauthenticated attackers to inject malicious web scripts...
CVE-2024-12005 WP-BibTeX <= 3.0.1 - Cross-Site Request Forgery to Stored and Reflected Cross-Site Scripting
The WP-BibTeX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the wpbibtexoptionpage function. This makes it possible for unauthenticated attackers to inject malicious web scripts...