Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:10 a.m.6 views

CVE-2024-3945

The WP To Do plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.0. This is due to missing or incorrect nonce validation on the wptodomanage function. This makes it possible for unauthenticated attackers to add new todo items via a forged...

4.3CVSS5.8AI score0.00222EPSS
Exploits0References1
NVD
NVD
added 2024/05/30 5:15 a.m.18 views

CVE-2024-3945

The WP To Do plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.0. This is due to missing or incorrect nonce validation on the wptodomanage function. This makes it possible for unauthenticated attackers to add new todo items via a forged...

4.3CVSS4.7AI score0.00222EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/30 4:31 a.m.26 views

CVE-2024-3945 WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_manage()

The WP To Do plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.0. This is due to missing or incorrect nonce validation on the wptodomanage function. This makes it possible for unauthenticated attackers to add new todo items via a forged...

4.3CVSS4.7AI score0.00222EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/30 4:31 a.m.18 views

CVE-2024-3945 WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_manage()

The WP To Do plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.0. This is due to missing or incorrect nonce validation on the wptodomanage function. This makes it possible for unauthenticated attackers to add new todo items via a forged...

4.3CVSS6.5AI score0.00222EPSS
Exploits0References3
Rows per page
Query Builder