Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.8 views

CVE-2026-8422

The Remove meta boxes per user role plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.01. This is due to missing or incorrect nonce validation on the 'remove-meta-boxes-per-user-role' page. This makes it possible for unauthenticated attackers...

4.3CVSS5.4AI score0.00132EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 9:16 a.m.20 views

CVE-2026-8422

The Remove meta boxes per user role plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.01. This is due to missing or incorrect nonce validation on the 'remove-meta-boxes-per-user-role' page. This makes it possible for unauthenticated attackers...

4.3CVSS0.00132EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/02 7:48 a.m.37 views

CVE-2026-8422 Remove meta boxes per user role <= 1.01 - Cross-Site Request Forgery to Settings Update

The Remove meta boxes per user role plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.01. This is due to missing or incorrect nonce validation on the 'remove-meta-boxes-per-user-role' page. This makes it possible for unauthenticated attackers...

4.3CVSS0.00132EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.16 views

PT-2026-45709

Name of the Vulnerable Software and Affected Versions Remove meta boxes per user role versions prior to 1.02 Description The plugin is subject to Cross-Site Request Forgery, a flaw where an attacker tricks a victim into executing an unwanted action. This occurs due to missing or incorrect nonce...

4.3CVSS5.4AI score0.00132EPSS
Exploits0References11
Rows per page
Query Builder