50 matches found
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in SendPulse SendPulse Free Web Push plugin = 1.3.1 versions...
CVE-2023-45274 WordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in SendPulse SendPulse Free Web Push plugin = 1.3.1 versions...
CVE-2023-45274 WordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in SendPulse SendPulse Free Web Push plugin = 1.3.1 versions...
CVE-2023-45274
CVE-2023-45274 is a CSRF vulnerability in the WordPress plugin SendPulse Free Web Push for versions
SendPulse Free Web Push < 1.3.2 - CSRF
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
WordPress Plugin SendPulse Free Web Push Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2023-29478 · Sendpulse · Sendpulse Free Web Push Plugin
Name of the Vulnerable Software and Affected Versions: SendPulse Free Web Push plugin versions = 1.3.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
WordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software SendPulse Free Web Push Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45274 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1b155dd53abb Credits Mika Requir...
support.sendpulse.com Improper Access Control vulnerability OBB-1475757
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
sendpulse.com XSS vulnerability
Vulnerable URL: https://sendpulse.com/br/feedback?cid=116%3C!%27/!%22/!%27/%22/--!%3E%3CInput/Type=Text%20AutoFocus%20/;%20OnFocus=confirm%27OpenBugBounty%27%20//%3E%3CSvg%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...