10 matches found
EUVD-2022-51771
Malicious code in bioql PyPI...
CVE-2022-4426
The Mautic Integration for WooCommerce WordPress plugin before 1.0.3 does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack...
CVE-2022-4426
The Mautic Integration for WooCommerce WordPress plugin before 1.0.3 does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack...
CVE-2022-4426
The CVE covers the Mautic Integration for WooCommerce WordPress plugin prior to version 1.0.3, where updates to settings lack proper CSRF checks and do not validate that updated options belong to the plugin. This enables a logged-in administrator to change arbitrary blog options via a CSRF attack...
CVE-2022-4426 Mautic Integration For WooCommerce < 1.0.3 - Arbitrary Options Update via CSRF
The Mautic Integration for WooCommerce WordPress plugin before 1.0.3 does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack...
CVE-2022-4426 Mautic Integration For WooCommerce < 1.0.3 - Arbitrary Options Update via CSRF
The Mautic Integration for WooCommerce WordPress plugin before 1.0.3 does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack...
WordPress Plugin Mautic Integration for WooCommerce Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
PT-2023-14438 · WordPress · Mautic Integration For Woocommerce
Name of the Vulnerable Software and Affected Versions: Mautic Integration for WooCommerce WordPress plugin versions prior to 1.0.3 Description: The issue is related to a lack of proper CSRF check when updating settings, and the failure to ensure that the options to be updated belong to the plugin...
Mautic Integration For WooCommerce < 1.0.3 - Arbitrary Options Update via CSRF
The plugin does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack. The attack could also be performed via a LFI if one is present ...
Mautic Integration For WooCommerce < 1.0.3 - Arbitrary Options Update via CSRF
The plugin does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack. The attack could also be performed via a LFI if one is present ...