Lucene search
+L

4 matches found

NVD
NVD
added 2024/05/14 2:45 p.m.13 views

CVE-2024-1230

The SimpleShop plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10.0. This is due to missing or incorrect nonce validation on the maybedisconnectsimpleshop function. This makes it possible for unauthenticated attackers to disconnect the site...

4.3CVSS4.7AI score0.00582EPSS
Exploits0References3
CVE
CVE
added 2024/05/09 8:3 p.m.56 views

CVE-2024-1230

Technical details about CVE-2024-1230 are not provided in the supplied documents. Monitor for updates from official advisories.

4.3CVSS6.3AI score0.00582EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/09 8:3 p.m.17 views

CVE-2024-1230 SimpleShop <= 2.10.0 - Cross-Site Request Forgery

The SimpleShop plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10.0. This is due to missing or incorrect nonce validation on the maybedisconnectsimpleshop function. This makes it possible for unauthenticated attackers to disconnect the site...

4.3CVSS4.9AI score0.00582EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/05 12:0 a.m.9 views

WordPress SimpleShop Plugin <= 2.10.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software SimpleShop Type Plugin Vulnerable versions = 2.10.0 Fixed in 2.10.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1230 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0c9901697dc3 Credits Francesco Carlucci...

4.3CVSS6.6AI score0.00582EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder