Lucene search
K

5 matches found

OSV
OSV
added 2019/07/05 2:15 p.m.4 views

CVE-2019-5979

Cross-site request forgery CSRF vulnerability in Personalized WooCommerce Cart Page 2.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS6.5AI score0.01047EPSS
Exploits0References3
CVE
CVE
added 2019/07/05 1:20 p.m.75 views

CVE-2019-5979

Summary (CVE-2019-5979): A CSRF flaw in the WordPress plugin “Personalized WooCommerce Cart Page” (versions 2.4 and earlier) could allow remote attackers to hijack administrator accounts through unspecified vectors. Public references consistently identify the affected component as the Personalize...

8.8CVSS8.8AI score0.01047EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2019/07/05 12:0 a.m.3 views

PT-2019-17913 · Woocommerce · Personalized Woocommerce Cart Page

Name of the Vulnerable Software and Affected Versions: Personalized WooCommerce Cart Page versions 2.4 and earlier Description: A cross-site request forgery CSRF issue allows remote attackers to hijack the authentication of administrators via unspecified vectors. Recommendations: For versions 2.4...

8.8CVSS8.7AI score0.01047EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/06/19 5:13 a.m.2 views

WordPress Plugin "Personalized WooCommerce Cart Page" vulnerable to cross-site request forgery

Overview WordPress Plugin "Personalized WooCommerce Cart Page" provided by N-MEDIA contains a cross-site request forgery vulnerability CWE-352. Akira Yamasaki of Cryptography Laboratory,Department of Information and Communication Engineering,Tokyo Denki University directly reported this...

8.8CVSS6.5AI score0.01047EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/06/19 12:0 a.m.172 views

JVN#88804335: WordPress Plugin "Personalized WooCommerce Cart Page” vulnerable to cross-site request forgery

WordPress Plugin "Personalized WooCommerce Cart Page” provided by N-MEDIA contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the plugin Update the plugin according to the...

8.8CVSS8.5AI score0.01047EPSS
Exploits0
Rows per page
Query Builder