Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

NVD
NVDadded 2020/06/22 6:15 p.m.9 views

CVE-2020-13426

The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery CSRF vulnerability in the forms it presents, allowing the possibility of deleting records users when an ID is known...

6.5CVSS0.0044EPSS
Exploits2References8
OSV
OSVadded 2020/06/22 6:15 p.m.1 views

CVE-2020-13426

The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery CSRF vulnerability in the forms it presents, allowing the possibility of deleting records users when an ID is known...

6.5CVSS5.8AI score0.0044EPSS
Exploits2References8
Prion
Prionadded 2020/06/22 6:15 p.m.16 views

Cross site request forgery (csrf)

The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery CSRF vulnerability in the forms it presents, allowing the possibility of deleting records users when an ID is known...

4.3CVSS6.7AI score0.0044EPSS
Exploits2References8Affected Software1
CVE
CVEadded 2020/06/22 5:9 p.m.40 views

CVE-2020-13426

CVE-2020-13426 affects WordPress with the Multi Scheduler plugin v1.0.0. The vulnerability is a Cross‑Site Request Forgery in the plugin’s forms, allowing an attacker to delete records (users) when a target ID is known. The root cause is CSRF protection failure in the plugin’s request handling. P...

6.5CVSS6.6AI score0.0044EPSS
Exploits2References8Affected Software1
Cvelist
Cvelistadded 2020/06/22 5:9 p.m.12 views

CVE-2020-13426

The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery CSRF vulnerability in the forms it presents, allowing the possibility of deleting records users when an ID is known...

6.7AI score0.0044EPSS
Exploits2References8
CNVD
CNVDadded 2020/06/01 12:0 a.m.2 views

WordPress Multi-Scheduler Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Multi-Scheduler is a scheduler plugin used in it. A cross-site request forgery vulnerability exists in WordPress Multi-Scheduler versio...

6.5CVSS6.7AI score0.0044EPSS
Exploits2References1
0daydb
0daydbadded 2020/05/30 2:58 p.m.94 views

WordPress Multi-Scheduler 1.0.0 - Cross Site Request Forgery

WordPress Multi-Scheduler plugin version 1.0.0 suffers from a cross site request forgery vulnerability. Exploit Title: WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery Delete User Google Dork: N/A Date: 2020-05-21 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage:...

6.5CVSS0.90775EPSS
Exploits13
0day.today
0day.todayadded 2020/05/29 12:0 a.m.42 views

WordPress Multi-Scheduler 1.0.0 Plugin - Cross-Site Request Forgery (Delete User) Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery Delete User Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://www.bdtask.com/ Software Link: https://downloads.wordpress.org/plugin/multi-scheduler.1.0.0.z...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2020/05/29 12:0 a.m.279 views

WordPress Multi-Scheduler 1.0.0 Cross Site Request Forgery

Exploit Title: WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery Delete User Google Dork: N/A Date: 2020-05-21 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://www.bdtask.com/ Software Link: https://downloads.wordpress.org/plugin/multi-scheduler.1.0.0.zip Category: Web...

0.3AI score
Exploits0
wpexploit
wpexploitadded 2020/05/29 12:0 a.m.21 views

Multi Scheduler <= 1.0.0 - Arbitrary Record Deletion via CSRF

The lack of CSRF check could allow attacker to delete arbitrary records from the plugin for example Professional ones via a CSRF attack. The issue is not patched, and has ben escalated to WP plugins team on May 29th, 2020 The PoC will be displayed once the issue has been remediated...

4.3CVSS6.4AI score0.0044EPSS
Exploits2References1
Patchstack
Patchstackadded 2020/05/29 12:0 a.m.5 views

WordPress Multi Scheduler plugin <= 1.0.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by UnD3sc0n0c1d0 in WordPress Multi Scheduler plugin versions = 1.0.0. Solution This plugin has been closed as of June 1, 2020 and is not available for download. Reason: Security Issue...

3.3AI score0.0044EPSS
Exploits2References3Affected Software1
Exploit DB
Exploit DBadded 2020/05/29 12:0 a.m.525 views

WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)

Exploit Title: WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery Delete User Google Dork: N/A Date: 2020-05-21 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://www.bdtask.com/ Software Link: https://downloads.wordpress.org/plugin/multi-scheduler.1.0.0.zip Category: Web...

7.4AI score
Exploits0
Rows per page
Query Builder