Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 6:32 a.m.12 views

CVE-2024-5943

The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.7. This is due to missing or incorrect nonce validation on the 'settingsPage' function and missing santization of the 'tab' parameter. This makes it possible for...

8.8CVSS6.4AI score0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/04 11:34 a.m.40 views

CVE-2024-5943 Nested Pages <= 3.2.7 - Cross-Site Request Forgery to Local File Inclusion

The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.7. This is due to missing or incorrect nonce validation on the 'settingsPage' function and missing santization of the 'tab' parameter. This makes it possible for...

8.8CVSS0.00295EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/04 11:34 a.m.16 views

CVE-2024-5943 Nested Pages <= 3.2.7 - Cross-Site Request Forgery to Local File Inclusion

The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.7. This is due to missing or incorrect nonce validation on the 'settingsPage' function and missing santization of the 'tab' parameter. This makes it possible for...

8.8CVSS6.4AI score0.00295EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/07/04 12:0 a.m.17 views

WordPress Nested Pages Plugin <= 3.2.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Nested Pages Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5943 Patch priority Low CVSS severity Low 8.3 Developer Claim ownership PSID ec525e948d0f Credits Bassem Essam Required...

8.8CVSS6.7AI score0.00295EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder