3 matches found
PT-2024-38937 · WordPress · Tourfic
Name of the Vulnerable Software and Affected Versions: The Tourfic plugin for WordPress versions up to, and including, 2.11.20 Description: The issue is due to missing or incorrect nonce validation on several functions, including tf order status email resend function, tf visitor details edit...
WordPress Redux Framework <= 4.1.23 - Cross-Site Request Forgery (CSRF) Nonce Validation Bypass vulnerability
Cross-Site Request Forgery CSRF Nonce Validation Bypass vulnerability found by ErwanLR in WordPress Redux Framework versions 4.1.22 - 4.1.23. Solution Update the WordPress Redux Framework to the latest available version at least 4.1.24...
WordPress Contextual Related Posts plugin <= 2.9.3 - Cross-Site Request Forgery (CSRF) Nonce Validation Bypass vulnerability
Cross-Site Request Forgery CSRF Nonce Validation Bypass vulnerability found by Lenon Leite in WordPress Contextual Related Posts plugin versions = 2.9.3. Solution Update the WordPress Contextual Related Posts plugin to the latest available version at least 2.9.3...