2 matches found
CVE-2025-6040 Easy Flashcards <= 0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Easy Flashcards plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1. This is due to missing or incorrect nonce validation on the 'efsettingssubmenu' page. This makes it possible for unauthenticated attackers to update settings and inject...
WordPress Easy Flashcards plugin <= 0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Easy Flashcards versions = 0.1...