5 matches found
Tumult Hype Animations < 1.9.12 - Cross-Site Request Forgery to Cross-Site Scripting
Description The Tumult Hype Animations plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.11. This is due to missing or incorrect nonce validation on the hypeanimationsupdatecontainer function. This makes it possible for unauthenticated...
CVE-2024-30460
Cross-Site Request Forgery CSRF vulnerability in Tumult Inc Tumult Hype Animations.This issue affects Tumult Hype Animations: from n/a through 1.9.11...
CVE-2024-30460
CVE-2024-30460 concerns a Cross-Site Request Forgery in the WordPress plugin Tumult Hype Animations (versions
CVE-2024-30460 WordPress Tumult Hype Animations plugin <= 1.9.11 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Tumult Inc Tumult Hype Animations.This issue affects Tumult Hype Animations: from n/a through 1.9.11...
WordPress Tumult Hype Animations Plugin <= 1.9.11 is vulnerable to Cross Site Request Forgery (CSRF)
Software Tumult Hype Animations Type Plugin Vulnerable versions = 1.9.11 Fixed in 1.9.12 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-30460 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c704327afb62 Credits Majed Refaea...