4 matches found
CVE-2024-37435
creationtimestamp| type| source ---|---|--- 2025-01-02 12:18:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2pdlh3f2i 2025-01-02 17:08:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113759859602137887...
CVE-2024-37435 WordPress Perfect Portfolio theme <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in raratheme Perfect Portfolio perfect-portfolio allows Cross Site Request Forgery.This issue affects Perfect Portfolio: from n/a through = 1.2.0...
CVE-2024-37435
CVE-2024-37435 describes a Cross-Site Request Forgery (CSRF) in the WordPress theme “Perfect Portfolio.” Affected: Perfect Portfolio versions up to 1.2.0 (listed as from n/a through 1.2.0). Root cause: CSRF enabling unauthorized actions via crafted requests. Impact (per CVSS v3.1 in the sources):...
WordPress Perfect Portfolio Theme <= 1.2.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Perfect Portfolio Type Theme Vulnerable versions = 1.2.0 Fixed in 1.2.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37435 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 073cf0103125 Credits Dhabaleshwar Das...