Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/09/11 7:25 a.m.14 views

CVE-2025-9617 Publish approval <= 1.1 - Cross-Site Request Forgery

The Publish approval plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the publishsaveoption function. This makes it possible for unauthenticated attackers to modify plugin settings v...

5.3CVSS0.00137EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/11 7:25 a.m.4 views

CVE-2025-9617 Publish approval <= 1.1 - Cross-Site Request Forgery

The Publish approval plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the publishsaveoption function. This makes it possible for unauthenticated attackers to modify plugin settings v...

5.3CVSS4.9AI score0.00137EPSS
Exploits0References2
CVE
CVE
added 2025/09/11 7:25 a.m.23 views

CVE-2025-9617

CVE-2025-9617: The WordPress Publish approval plugin is affected by Cross-Site Request Forgery in all versions up to 1.1 due to missing/incorrect nonce validation in publish_save_option. This permits unauthenticated attackers to alter plugin settings via forged requests if a site admin is tricked...

5.3CVSS4.9AI score0.00137EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.8 views

PT-2025-37144

The Publish approval plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the publish save option function. This makes it possible for unauthenticated attackers to modify plugin settings...

5.3CVSS5.2AI score0.00137EPSS
Exploits0References3
Rows per page
Query Builder