Lucene search
+L

4 matches found

circl
circl
added 2025/01/07 5:16 a.m.10 views

CVE-2024-12170

creationtimestamp| type| source ---|---|--- 2025-01-07 05:16:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vgj2vx62i 2025-01-07 16:41:46+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/469...

5.4CVSS8.7AI score0.00182EPSS
Exploits0References2
nvd
nvd
added 2025/01/07 5:15 a.m.18 views

CVE-2024-12170

The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.15. This is due to missing or incorrect nonce validation on the 'Viewmedica-Admin' page. This makes it possible for unauthenticated attackers to inject arbitrary SQL queries...

5.4CVSS0.00182EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/01/07 4:22 a.m.12 views

CVE-2024-12170 ViewMedica Embed <= 1.4.15 - Cross-Site Request Forgery to SQL Injection

The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.15. This is due to missing or incorrect nonce validation on the 'Viewmedica-Admin' page. This makes it possible for unauthenticated attackers to inject arbitrary SQL queries...

5.4CVSS7.3AI score0.00182EPSS
Exploits0References2
cvelist
cvelist
added 2025/01/07 4:22 a.m.17 views

CVE-2024-12170 ViewMedica Embed <= 1.4.15 - Cross-Site Request Forgery to SQL Injection

The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.15. This is due to missing or incorrect nonce validation on the 'Viewmedica-Admin' page. This makes it possible for unauthenticated attackers to inject arbitrary SQL queries...

5.4CVSS0.00182EPSS
Exploits0References3
Rows per page
Query Builder