Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/06/03 12:0 a.m.8 views

WordPress Shield Security Plugin <= 19.1.10 is vulnerable to Cross Site Request Forgery (CSRF)

Software Shield Security Type Plugin Vulnerable versions = 19.1.10 Fixed in 19.1.11 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4344 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cbf7668e1a87 Credits Christian Angel...

4.3CVSS6.6AI score0.00219EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/06/02 5:15 a.m.15 views

CVE-2024-4344

The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 19.1.13. This is due to missing or incorrect nonce validation on the exec function. This makes it possible for...

4.3CVSS4.7AI score0.00219EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/02 4:30 a.m.11 views

CVE-2024-4344 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 19.1.13 - Cross-Site Request Forgery

The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 19.1.13. This is due to missing or incorrect nonce validation on the exec function. This makes it possible for...

4.3CVSS6.4AI score0.00219EPSS
Exploits0References3
CVE
CVE
added 2024/06/02 4:30 a.m.25 views

CVE-2024-4344

CVE-2024-4344 concerns the Shield Security – Smart Bot Blocking & Intrusion Prevention Security WordPress plugin. It is vulnerable to Cross-Site Request Forgery in all versions up to and including 19.1.13. The root cause is missing or incorrect nonce validation on the exec function, enabling unau...

4.3CVSS4.6AI score0.00219EPSS
Exploits0References3
Rows per page
Query Builder