3 matches found
CVE-2024-13753
creationtimestamp| type| source ---|---|--- 2025-02-20 11:49:32+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114036057912346467 2025-02-20 12:41:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3limctgdc5x2y 2025-02-20 13:09:02+00:00| seen|...
CVE-2024-13753 Ultimate Classified Listings <= 1.5 - Cross-Site Request Forgery to Account Takeover
The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the updateprofile function. This makes it possible for unauthenticated attackers to modify victim's...
CVE-2024-13753 Ultimate Classified Listings <= 1.5 - Cross-Site Request Forgery to Account Takeover
The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the updateprofile function. This makes it possible for unauthenticated attackers to modify victim's...