Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 2:41 a.m.5 views

CVE-2024-33646

Cross-Site Request Forgery CSRF vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting XSS.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS5.1AI score0.00185EPSS
Exploits0References1
NVD
NVD
added 2024/04/29 5:15 a.m.13 views

CVE-2024-33646

Cross-Site Request Forgery CSRF vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting XSS.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS6.7AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/29 4:57 a.m.19 views

CVE-2024-33646 WordPress Sticky Anything plugin <= 2.1.5 - Broken Access Control to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting XSS.This issue affects Sticky Anything: from n/a through 2.1.5...

7.1CVSS6.8AI score0.00185EPSS
Exploits0References1
CVE
CVE
added 2024/04/29 4:57 a.m.52 views

CVE-2024-33646

CVE-2024-33646 (Sticky Anything, Toast plugin) affects the WordPress plugin Sticky Anything (Toast Stick Anything) up to version 2.1.5. The connected documents indicate a Missing Authorization issue that allows a CSRF attack to trigger a Cross‑Site Scripting (XSS) condition. The description from ...

7.1CVSS5.1AI score0.00185EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/25 12:0 a.m.8 views

WordPress Sticky Anything Plugin <= 2.1.5 is vulnerable to Broken Access Control

Software Sticky Anything Type Plugin Vulnerable versions = 2.1.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33646 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID da01f8f0e18d Credits Dimas Maulana Required...

7.1CVSS6.5AI score0.00185EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder