8 matches found
CVE-2024-1976
The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...
CVE-2024-1976
The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...
Cross site request forgery (csrf)
The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...
CVE-2024-1976
The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...
CVE-2024-1976 Marketing Optimizer <= 20200925 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...
CVE-2024-1976
CVE-2024-1976 : Marketing Optimizer (WordPress plugin) is vulnerable to Cross-Site Request Forgery that can lead to Stored Cross-Site Scripting via admin/main-settings-page.php. The issue arises from missing or incorrect nonce validation, allowing unauthenticated attackers to update plugin settin...
WordPress Marketing Optimizer Plugin <= 20200925 is vulnerable to Cross Site Request Forgery (CSRF)
Software Marketing Optimizer Type Plugin Vulnerable versions = 20200925 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1976 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 0dafd9769ab2 Credits suzuki kaito...
WordPress Plugin Marketing Optimizer plugin for WordPress Security Vulnerabilities
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...