3 matches found
CVE-2025-0796
creationtimestamp| type| source ---|---|--- 2025-02-18 05:17:11+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ligj2fvrvu2y 2025-02-18 07:36:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ligqt4fxrn2m 2025-02-18 09:16:51+00:00| seen|...
CVE-2025-0796
The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.11. This is due to missing or incorrect nonce validation on the 'wprequalresetdefaults' action. This makes it possible for unauthenticated attackers to reset...
CVE-2025-0796 Mortgage Lead Capture System <= 8.2.11 - Cross-Site Request Forgery to Settings Reset
The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.11. This is due to missing or incorrect nonce validation on the 'wprequalresetdefaults' action. This makes it possible for unauthenticated attackers to reset...