4 matches found
CVE-2024-1230
The SimpleShop plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10.0. This is due to missing or incorrect nonce validation on the maybedisconnectsimpleshop function. This makes it possible for unauthenticated attackers to disconnect the site...
CVE-2024-1230
Technical details about CVE-2024-1230 are not provided in the supplied documents. Monitor for updates from official advisories.
CVE-2024-1230 SimpleShop <= 2.10.0 - Cross-Site Request Forgery
The SimpleShop plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10.0. This is due to missing or incorrect nonce validation on the maybedisconnectsimpleshop function. This makes it possible for unauthenticated attackers to disconnect the site...
WordPress SimpleShop Plugin <= 2.10.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software SimpleShop Type Plugin Vulnerable versions = 2.10.0 Fixed in 2.10.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1230 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0c9901697dc3 Credits Francesco Carlucci...