CVE-2022-41781

Broken Access Control vulnerability in Permalink Manager Lite plugin = 2.2.20 on WordPress...

CVE-2022-41781

Broken Access Control vulnerability in Permalink Manager Lite plugin = 2.2.20 on WordPress...

Improper access control

Broken Access Control vulnerability in Permalink Manager Lite plugin = 2.2.20 on WordPress...

CVE-2022-41781

The CVE-2022-41781 entry concerns the WordPress Permalink Manager Lite plugin, version

CVE-2022-41781 WordPress Permalink Manager Lite plugin <= 2.2.20 - Broken Access Control vulnerability

Broken Access Control vulnerability in Permalink Manager Lite plugin = 2.2.20 on WordPress...

WordPress plugin Permalink Manager Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress...

WordPress Permalink Manager Lite Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Permalink Manager Lite 2.2.20.1 and prior versions, which stems from missing or...

PT-2022-26071 · WordPress · Permalink Manager Lite

Name of the Vulnerable Software and Affected Versions: Permalink Manager Lite plugin versions = 2.2.20 Description: The issue is related to a Broken Access Control vulnerability. Recommendations: For Permalink Manager Lite plugin versions = 2.2.20, update to a version higher than 2.2.20 to resolv...

CVE-2022-4021

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

CVE-2022-4021

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

Cross site request forgery (csrf)

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

CVE-2022-4021

The CVE-2022-4021 entry concerns the WordPress Permalink Manager Lite plugin (vulnerable up to and including 2.2.20.1) with a CSRF flaw in the extra_actions function due to missing/incorrect nonce validation. This allows unauthenticated attackers to alter plugin settings, including permalinks and...

CVE-2022-4021 Permalink Manager Lite <= 2.2.20.1 - Cross-Site Request Forgery

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

CVE-2022-4021 Permalink Manager Lite <= 2.2.20.1 - Cross-Site Request Forgery

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extraactions function. This makes it possible for unauthenticated attackers to change plugin settings...

PT-2022-25285 · WordPress · Permalink Manager Lite

Name of the Vulnerable Software and Affected Versions: Permalink Manager Lite plugin for WordPress versions up to, and including, 2.2.20.1 Description: The issue is due to missing or incorrect nonce validation on the extra actions function, making it possible for unauthenticated attackers to chan...

WordPress plugin Permalink Manager Lite 跨站请求伪造漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Permalink Manager Lite 2.2.20.1 and prior versions, which stems from missing or...

Permalink Manager Lite < 2.2.20.2 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

Not possible to DiamondCut in frozen status

Lines of code Vulnerability details Impact DiamondCut's executeDiamondCutProposal executes the proposed diamondCut calldata in the Diamond is unfrozen condition. However, if there are any possible situations that require restriction implementation in which the upgrade should be executed in a froz...

Permalink Manager Lite < 2.2.20.1 - Unauthenticated URI Deletion

The plugin does not have authorisation checks when deleting URI, which could allow unauthenticated attackers to delete them...

WordPress Permalink Manager Lite plugin <= 2.2.20 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Anh Tien Patchstack Alliance in the WordPress Permalink Manager Lite plugin versions = 2.2.20. Solution Update the WordPress Permalink Manager Lite plugin to the latest available version at least 2.2.20.1...