6 matches found
EUVD-2023-12552
Malicious code in bioql PyPI...
CVE-2023-0504
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
WordPress HT Politic plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Khalid Yusuf Patchstack Alliance in WordPress Plugin HT Politic versions = 2.4.4...
WordPress HT Politic Plugin < 2.3.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software HT Politic Type Plugin Vulnerable versions 2.3.8 Fixed in 2.3.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0504 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 55ae20212639 Credits Lana Codes Required privile...
CVE-2023-0504
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0504 HT Politic < 2.3.8 - Arbitrary Plugin Activation via CSRF
The HT Politic WordPress plugin before 2.3.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...