18 matches found
CVE-2025-62101
Cross-Site Request Forgery CSRF vulnerability in Omid Shamloo Pardakht Delkhah pardakht-delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through = 3.0.0...
CVE-2025-62101
Cross-Site Request Forgery CSRF vulnerability in Omid Shamloo Pardakht Delkhah pardakht-delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through = 3.0.0...
CVE-2025-62101
CVE-2025-62101: CSRF vulnerability in Pardakht Delkhah is described in the Initial document as affecting Pardakht Delkhah up to version 3.0.0; there are no connected documents with concrete technical details (no vendor/product/version specifics beyond what’s in the Initial Description). Monitor f...
EUVD-2025-206002
Cross-Site Request Forgery CSRF vulnerability in Omid Shamloo Pardakht Delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through 3.0.0...
CVE-2025-62101 WordPress Pardakht Delkhah plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Omid Shamloo Pardakht Delkhah pardakht-delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through = 3.0.0...
CVE-2025-62101 WordPress Pardakht Delkhah plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Omid Shamloo Pardakht Delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through 3.0.0...
WordPress Pardakht Delkhah plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Pardakht Delkhah versions = 3.0.0...
PT-2025-54393
Cross-Site Request Forgery CSRF vulnerability in Omid Shamloo Pardakht Delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through 3.0.0...
WordPress plugin Pardakht Delkhah 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
WordPress Pardakht Delkhah plugin <= 2.9.8 - Form Fields Reset via CSRF vulnerability
Form Fields Reset via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Pardakht Delkhah versions = 2.9.8...
CVE-2024-6230 Pardakht Delkhah <= 2.9.8 - Form Fields Reset via CSRF
The پلاگین پرداخت دلخواه WordPress plugin through 2.9.8 does not have CSRF check in place when resetting its form fields, which could allow attackers to make a logged in admin perform such action via a CSRF attack...
CVE-2024-6230 Pardakht Delkhah <= 2.9.8 - Form Fields Reset via CSRF
The پلاگین پرداخت دلخواه WordPress plugin through 2.9.8 does not have CSRF check in place when resetting its form fields, which could allow attackers to make a logged in admin perform such action via a CSRF attack...
WordPress Pardakht Delkhah Plugin <= 2.9.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software Pardakht Delkhah Type Plugin Vulnerable versions = 2.9.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6230 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ed137387c856 Credits Bob Matyas Required...
WordPress plugin Pardakht Delkhah 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging websites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2022-4307 Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS
The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...
CVE-2022-4307 Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS
The پلاگین پرداخت دلخواه WordPress plugin before 2.9.3 does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...
WordPress plugin The Pardakht Delkhah 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS
The plugin does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin. PoC 1. Install and activate WoocCommerce dependency, no configuration...