4 matches found
CVE-2025-1506
The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. This is due to missing or incorrect nonce validation on the counteraccesskeysetup function. This makes it possible for unauthenticated...
CVE-2025-1506
The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. This is due to missing or incorrect nonce validation on the counteraccesskeysetup function. This makes it possible for unauthenticated...
CVE-2025-1506
CVE-2025-1506 documents confirm a Cross-Site Forgery (CSRF) vulnerability in the WordPress plugin “Wp Social Login and Register Social Counter” up to version 3.1.0. The root cause is missing or incorrect nonce validation on the counter_access_key_setup() function, enabling unauthenticated attacke...
CVE-2025-1506 Wp Social Login and Register Social Counter <= 3.1.0 - Cross-Site Request Forgery to Settings Update
The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. This is due to missing or incorrect nonce validation on the counteraccesskeysetup function. This makes it possible for unauthenticated...