CVE-2024-11419
CVE-2024-11419 affects the Password for WP WordPress plugin (versions up to and including 1.3). The vulnerability arises from missing or incorrect nonce validation in get3_init_admin_page(), enabling unauthenticated attackers to update plugin settings and inject script via forged requests. Wordfe...