4 matches found
CVE-2024-13522
The magayo Lottery Results plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.12. This is due to missing or incorrect nonce validation on the 'magayo-lottery-results' page. This makes it possible for unauthenticated attackers to update...
CVE-2024-13522
creationtimestamp| type| source ---|---|--- 2025-02-18 05:16:04+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ligiyga24q2o 2025-02-18 11:39:00+00:00| seen| Telegram/09-SGBFbI98PdFagZtCMShiRu40wzwW7j9mCPvyybcDpB0cG...
CVE-2024-13522
The magayo Lottery Results plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.12. This is due to missing or incorrect nonce validation on the 'magayo-lottery-results' page. This makes it possible for unauthenticated attackers to update...
CVE-2024-13522 magayo Lottery Results <= 2.0.12 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The magayo Lottery Results plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.12. This is due to missing or incorrect nonce validation on the 'magayo-lottery-results' page. This makes it possible for unauthenticated attackers to update...