10 matches found
EUVD-2021-34223
Malicious code in bioql PyPI...
CVE-2021-4396
The Rucy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.4.4. This is due to missing or incorrect nonce validation on the savercpostmeta function. This makes it possible for unauthenticated attackers to save post meta via a forged request grant...
CVE-2021-4396
The Rucy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.4.4. This is due to missing or incorrect nonce validation on the savercpostmeta function. This makes it possible for unauthenticated attackers to save post meta via a forged request grant...
CVE-2021-4396
The Rucy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.4.4. This is due to missing or incorrect nonce validation on the savercpostmeta function. This makes it possible for unauthenticated attackers to save post meta via a forged request grant...
Cross site request forgery (csrf)
The Rucy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.4.4. This is due to missing or incorrect nonce validation on the savercpostmeta function. This makes it possible for unauthenticated attackers to save post meta via a forged request grant...
CVE-2021-4396 Rucy <= 0.4.4 - Cross-Site Request Forgery Bypass
The Rucy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.4.4. This is due to missing or incorrect nonce validation on the savercpostmeta function. This makes it possible for unauthenticated attackers to save post meta via a forged request grant...
CVE-2021-4396
The CVE refers to the Rucy WordPress plugin with a CSRF vulnerability up to version 0.4.4. The root cause is missing or incorrect nonce validation in the save_rc_post_meta() function, allowing unauthenticated attackers to save post meta by convincing a site admin to perform an action (e.g., click...
CVE-2021-4396 Rucy <= 0.4.4 - Cross-Site Request Forgery Bypass
The Rucy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.4.4. This is due to missing or incorrect nonce validation on the savercpostmeta function. This makes it possible for unauthenticated attackers to save post meta via a forged request grant...
WordPress Plugin Rucy 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
WordPress Rucy plugin <= 0.4.4 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by Jerome Bruandet in WordPress Rucy plugin versions = 0.4.4. Solution This plugin has been closed as of June 15, 2021 and is not available for download. Reason: Security Issue...