Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12780

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00278EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:56 a.m.6 views

CVE-2023-0763

The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack...

4.3CVSS5.7AI score0.00278EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/05/15 12:15 p.m.8 views

CVE-2023-0763 Clock In Portal <= 2.1 - Holidays Deletion via CSRF

The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack...

4.6AI score0.00278EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/05/15 12:0 a.m.5 views

PT-2023-16511 · WordPress · Clock In Portal- Staff & Attendance Management

Name of the Vulnerable Software and Affected Versions: The Clock In Portal- Staff & Attendance Management WordPress plugin versions 2.1 and earlier Description: The issue is related to the lack of a CSRF check when deleting holidays, which could allow attackers to make logged-in admins delete...

4.3CVSS9.4AI score0.00278EPSS
Exploits2References5
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.17 views

Clock In Portal <= 2.1 - Holidays Deletion via CSRF

The plugin does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack PoC Make a logged in admin open a page with the code below, this will make them delete the Holiday with ID 1...

4.3CVSS8.4AI score0.00278EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2023/04/18 12:0 a.m.140 views

Clock In Portal <= 2.1 - Holidays Deletion via CSRF

The plugin does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack Make a logged in admin open a page with the code below, this will make them delete the Holiday with ID 1...

4.3CVSS8.5AI score0.00278EPSS
Exploits2
Rows per page
Query Builder