2 matches found
CVE-2024-1642
CVE-2024-1642 affects the MainWP Dashboard: WordPress Manager for Multiple Websites Maintenance plugin. The issue is a Cross-Site Request Forgery (CSRF) in the posting_bulk function caused by missing/incorrect nonce validation, allowing unauthenticated attackers to delete arbitrary posts if a sit...
WordPress MainWP Plugin <= 4.6.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software MainWP Type Plugin Vulnerable versions = 4.6.0.1 Fixed in 5.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1642 Patch priority Low CVSS severity Low 4.3 Developer MainWP PSID 4e2dc997b3cf Credits Krzysztof Zając Required privilege...