4 matches found
WordPress EventON Pro Plugin <= 4.5.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software EventON Pro Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-6244 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5cacf0b27060 Credits Francesco Carlucci...
WordPress EventON Pro Plugin <= 4.5.4 is vulnerable to Broken Access Control
Software EventON Pro Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6158 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b43943b2a15f Credits Francesco Carlucci Required...
WordPress Publish to Schedule Plugin <= 4.5.4 is vulnerable to Cross Site Scripting (XSS)
Software Publish to Schedule Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-26519 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 26fceabc3eb9 Credits Rio Darmawan Requir...
WordPress ProfilePress Plugin <= 4.5.4 is vulnerable to Cross Site Scripting (XSS)
Software ProfilePress Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23820 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1dded0badc30 Credits Rafie Muhammad Patchstack...