EUVD-2019-6745

Malware in sbrugna...

CVE-2019-15828

The one-click-ssl plugin before 1.4.7 for WordPress has CSRF...

WordPress one-click-ssl plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. one-click-ssl is an SSL Transport Layer Security setup plugin that is used in it. A cross-site request forgery vulnerability exists in...

CVE-2019-15828

The one-click-ssl plugin before 1.4.7 for WordPress has CSRF...

CVE-2019-15828

The one-click-ssl plugin before 1.4.7 for WordPress has CSRF...

CVE-2019-15828

CVE-2019-15828 affects the WordPress one-click-ssl plugin, vulnerable prior to v1.4.7 to CSRF. Multiple connected sources confirm lack of CSRF/authorization checks on settings and AJAX methods, enabling unauthorized changes via crafted requests. CVSS data from NVD indicates high impact (C/H, I/H,...

WordPress One Click SSL plugin <= 1.4.6 - Multiple Security Issues

Multiple Security Issues found in WordPress One Click SSL plugin versions = 1.4.6. Solution Update the WordPress One Click SSL plugin to the latest available version at least 1.4.7...

One Click SSL <= 1.4.6 - Multiple Issues

Lack of CSRF and authorisation checks in the settings page, as well as AJAX methods such as ajaxenablessl, ajaxscan and so on could allow unauthorised settings change as well as call of the AJAX methods by a low privileged user. Additionally, it could also allow arbitrary site options update due ...