11 matches found
EUVD-2020-24187
Malware in sbrugna...
CVE-2020-36746
The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...
CVE-2020-36746
The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...
CVE-2020-36746
The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...
Cross site request forgery (csrf)
The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...
CVE-2020-36746
The CVE-2020-36746 entry concerns the Menu Swapper WordPress plugin. A CSRF flaw exists in versions up to 1.1.0.2 due to missing or incorrect nonce validation in the mswp_save_meta() function, enabling unauthenticated attackers to save metadata by crafting requests and tricking an administrator. ...
CVE-2020-36746 Menu Swapper <= 1.1.0.2 - Cross-Site Request Forgery Bypass
The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...
CVE-2020-36746 Menu Swapper <= 1.1.0.2 - Cross-Site Request Forgery Bypass
The Menu Swapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0.2. This is due to missing or incorrect nonce validation on the mswpsavemeta function. This makes it possible for unauthenticated attackers to save meta data via a forged reque...
WordPress Plugin Menu Swapper 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
PT-2023-11886 · WordPress · Menu Swapper
Name of the Vulnerable Software and Affected Versions: Menu Swapper plugin for WordPress versions up to, and including, 1.1.0.2 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the mswp save meta function. This allows unauthenticated...
WordPress Menu Swapper plugin <= 1.1.0.2 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability found by Jerome Bruandet NinTechNet in WordPress Menu Swapper plugin versions = 1.1.0.2. Solution Update the WordPress Menu Swapper plugin to the latest available version at least 1.1.1...