3 matches found
CVE-2024-4082 Joli FAQ SEO – WordPress FAQ Plugin <= 1.3.2 - Cross-Site Request Forgery
The Joli FAQ SEO – WordPress FAQ Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to change the...
CVE-2024-4082
CVE-2024-4082 : The Joli FAQ SEO – WordPress FAQ Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to 1.3.2 due to missing nonce validation when saving settings. This enables unauthenticated attackers to change plugin settings by inducing an administrator action....
WordPress Joli FAQ SEO – WordPress FAQ Plugin Plugin <= 1.3.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software Joli FAQ SEO – WordPress FAQ Plugin Type Plugin Vulnerable versions = 1.3.2 Fixed in 1.3.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4082 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 58b281b80ddf Credits...