Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.10 views

CVE-2026-8422

The Remove meta boxes per user role plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.01. This is due to missing or incorrect nonce validation on the 'remove-meta-boxes-per-user-role' page. This makes it possible for unauthenticated attackers...

4.3CVSS5.4AI score0.00132EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 9:16 a.m.21 views

CVE-2026-8422

The Remove meta boxes per user role plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.01. This is due to missing or incorrect nonce validation on the 'remove-meta-boxes-per-user-role' page. This makes it possible for unauthenticated attackers...

4.3CVSS0.00132EPSS
Exploits0References7
CVE
CVE
added 2026/06/02 7:48 a.m.21 views

CVE-2026-8422

CVE-2026-8422 concerns the WordPress plugin Remove meta boxes per user role (versions up to and including 1.01). The vulnerability stems from missing or incorrect nonce validation on the remove-meta-boxes-per-user-role page, enabling CSRF. This could allow unauthenticated attackers to modify or r...

4.3CVSS5.7AI score0.00132EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/02 7:48 a.m.12 views

CVE-2026-8422

The Remove meta boxes per user role plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.01. This is due to missing or incorrect nonce validation on the 'remove-meta-boxes-per-user-role' page. This makes it possible for unauthenticated attackers...

4.3CVSS5.7AI score0.00132EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/02 7:48 a.m.12 views

CVE-2026-8422 Remove meta boxes per user role <= 1.01 - Cross-Site Request Forgery to Settings Update

The Remove meta boxes per user role plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.01. This is due to missing or incorrect nonce validation on the 'remove-meta-boxes-per-user-role' page. This makes it possible for unauthenticated attackers...

4.3CVSS5.7AI score0.00132EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

WordPress plugin Remove meta boxes per user role 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.3AI score0.00132EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.21 views

PT-2026-45709

Name of the Vulnerable Software and Affected Versions Remove meta boxes per user role versions prior to 1.02 Description The plugin is subject to Cross-Site Request Forgery, a flaw where an attacker tricks a victim into executing an unwanted action. This occurs due to missing or incorrect nonce...

4.3CVSS5.4AI score0.00132EPSS
Exploits0References11
Patchstack
Patchstack
added 2026/06/01 7:43 p.m.11 views

WordPress Remove meta boxes per user role plugin <= 1.01 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab - Pondok Teknologi in WordPress Plugin Remove meta boxes per user role versions = 1.01...

4.3CVSS5.8AI score0.00132EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/07/12 5:15 a.m.11 views

Cross site request forgery (csrf)

The Coming Soon & Maintenance Mode Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.57. This is due to missing or incorrect nonce validation on the savemetabox function. This makes it possible for unauthenticated attackers to save meta boxe...

4.3CVSS4.3AI score0.00405EPSS
Exploits1References9Affected Software1
Dsquare
Dsquare
added 2012/02/09 12:0 a.m.43 views

Wordpress Verve Meta Boxes 1.2.8 File Upload

File upload vulnerability in Wordpress Verve Meta Boxes plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

6.8CVSS1AI score0.23165EPSS
Exploits17References1
Rows per page
Query Builder