Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.8 views

CVE-2024-12554

The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing nonce validation on the casregisterpost function. This makes it possible for unauthenticated attackers to blacklist emails via a forged...

5.4CVSS6.4AI score0.00205EPSS
Exploits0References1
Circl
Circl
added 2024/12/18 9:28 a.m.9 views

CVE-2024-12554

creationtimestamp| type| source ---|---|--- 2024-12-18 09:28:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113673114798725226 2024-12-18 12:01:13+00:00| seen| https://t.me/cvedetector/13177...

5.4CVSS7.3AI score0.00205EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/18 9:22 a.m.10 views

CVE-2024-12554 Peter’s Custom Anti-Spam <= 3.2.3 - Cross-Site Request Forgery via cas_register_post Function

The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing nonce validation on the casregisterpost function. This makes it possible for unauthenticated attackers to blacklist emails via a forged...

5.4CVSS6.4AI score0.00205EPSS
Exploits0References4
CVE
CVE
added 2024/12/18 9:22 a.m.42 views

CVE-2024-12554

CVE-2024-12554 concerns Peter’s Custom Anti-Spam for WordPress. The issue is a Cross-Site Request Forgery due to missing nonce validation in cas_register_post(), enabling unauthenticated actors to blacklist emails by luring an admin to perform an action. The vulnerability is explicitly documented...

5.4CVSS5.2AI score0.00205EPSS
Exploits0References4
Rows per page
Query Builder