WordPress Church Admin Plugin <= 4.1.32 is vulnerable to Cross Site Request Forgery (CSRF)

Software Church Admin Type Plugin Vulnerable versions = 4.1.32 Fixed in 4.2.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-34828 Patch priority Low CVSS severity Low 4.3 Developer Andy Moyle PSID 2d0beb058c1b Credits Dhabaleshwar Das Required...

Update jQuery to avoid CVE-2020-11022, CVE-2020-11023, and CVE-2015-9251

Crowd was using jQuery version 1.8.3, which is affected by CVE-2020-11023, CVE-2020-11022, and CVE-2015-9251. Affected Version/s: 4.0.3, 4.1.1 Fixed Version/s: 4.1.2, 4.0.4, 4.2.0...