EUVD-2024-42910

Malicious code in bioql PyPI...

CVE-2024-48038

Cross-Site Request Forgery CSRF vulnerability in tuxlog wp-Monalisa wp-monalisa.This issue affects wp-Monalisa: from n/a through = 6.4...

CVE-2024-48038

Cross-Site Request Forgery CSRF vulnerability in tuxlog wp-Monalisa wp-monalisa.This issue affects wp-Monalisa: from n/a through = 6.4...

CVE-2024-48038

CVE-2024-48038 : A Cross-Site Request Forgery (CSRF) vulnerability affects the WordPress plugin wp-Monalisa, version 6.4 and earlier. Multiple sources (NVD, Patchstack, Red Hat, CNNVD, and CVE lists) confirm the issue and indicate a fix is available in version 6.5. The CVSS base score cited in th...

CVE-2024-48038 WordPress wp-Monalisa plugin <= 6.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Hans Matzen wp-Monalisa allows Cross Site Request Forgery.This issue affects wp-Monalisa: from n/a through 6.4...

CVE-2024-48038 WordPress wp-Monalisa plugin <= 6.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in tuxlog wp-Monalisa wp-monalisa.This issue affects wp-Monalisa: from n/a through = 6.4...

PT-2024-32956 · Hans Matzen · Wp-Monalisa

Name of the Vulnerable Software and Affected Versions: wp-Monalisa versions n/a through 6.4 Description: A Cross-Site Request Forgery CSRF issue is present in Hans Matzen's wp-Monalisa, allowing Cross Site Request Forgery. Recommendations: For versions n/a through 6.4, update to a version that...

WordPress plugin wp-Monalisa 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

WordPress wp-Monalisa plugin <= 6.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin wp-Monalisa versions = 6.4...

WordPress wp-Monalisa Plugin <= 6.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software wp-Monalisa Type Plugin Vulnerable versions = 6.4 Fixed in 6.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-48038 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f42673584f5d Credits SOPROBRO Required privilege...

WordPress Monalisa premium theme <= 2.0.9 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability

Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by m0ze in WordPress Monalisa premium theme versions = 2.0.9. Solution Update the WordPress Monalisa premium theme to the latest available version at least 2.1.3...

Monalisa < 2.1.3 - Unauthenticated Reflected Cross-Site Scripting (XSS)

An Unauthenticated Reflected XSS vulnerability was discovered in the Monalisa theme through 2.1.2 for WordPress. PoC https://example.com/reservation/?state=1%22--%3E%3Cimg%20src=x%20onerror=alertXSS;%3E...

Monalisa < 2.1.3 - Unauthenticated Reflected Cross-Site Scripting (XSS)

An Unauthenticated Reflected XSS vulnerability was discovered in the Monalisa theme through 2.1.2 for WordPress. https://example.com/reservation/?state=1%22--%3E%3Cimg%20src=x%20onerror=alertXSS;%3E...

Aurora CMS 1.0.2 (install.plugin.php) Remote File Inclusion Vulnerability

No description provided by source. --------------------------------------------------------------------------------------------------------------- Aurora Content Management System Enterprise Edition install.plugin.php = Remote File Include Vulnerability...

Aurora CMS 1.0.2 - &#039;install.plugin.php&#039; Remote File Inclusion

--------------------------------------------------------------------------------------------------------------- Aurora Content Management System Enterprise Edition install.plugin.php = Remote File Include Vulnerability...