6 matches found
CVE-2024-4312
The Soccer Engine – Soccer Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation when saving match and team settings. This makes it possible for unauthenticated attacke...
CVE-2024-4312
The Soccer Engine – Soccer Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation when saving match and team settings. This makes it possible for unauthenticated attacke...
CVE-2024-4312 Soccer Engine – Soccer Plugin for WordPress <= 1.12 - Cross-Site Request Forgery
The Soccer Engine – Soccer Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation when saving match and team settings. This makes it possible for unauthenticated attacke...
CVE-2024-4312
CVE-2024-4312 concerns the Soccer Engine – Soccer Plugin for WordPress, vulnerable to Cross-Site Request Forgery in versions up to 1.12 due to missing or incorrect nonce validation when saving match and team settings. The vulnerability could allow unauthenticated attackers to change plugin settin...
CVE-2024-4312 Soccer Engine – Soccer Plugin for WordPress <= 1.12 - Cross-Site Request Forgery
The Soccer Engine – Soccer Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation when saving match and team settings. This makes it possible for unauthenticated attacke...
WordPress Soccer Engine Plugin <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF)
Software Soccer Engine Type Plugin Vulnerable versions = 1.12 Fixed in 1.13 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4312 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bea2020faba5 Credits Benedictus Jovan aillesi...