Lucene search
K

50 matches found

Prion
Prion
added 2023/10/16 9:15 a.m.23 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in SendPulse SendPulse Free Web Push plugin = 1.3.1 versions...

6.8CVSS8.8AI score0.00214EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/16 8:21 a.m.11 views

CVE-2023-45274 WordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in SendPulse SendPulse Free Web Push plugin = 1.3.1 versions...

4.3CVSS8.8AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/16 8:21 a.m.38 views

CVE-2023-45274 WordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in SendPulse SendPulse Free Web Push plugin = 1.3.1 versions...

4.3CVSS9AI score0.00214EPSS
Exploits0References1
CVE
CVE
added 2023/10/16 8:21 a.m.52 views

CVE-2023-45274

CVE-2023-45274 is a CSRF vulnerability in the WordPress plugin SendPulse Free Web Push for versions

8.8CVSS6.5AI score0.00214EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/10/16 12:0 a.m.22 views

SendPulse Free Web Push < 1.3.2 - CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.5AI score0.00214EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/10/16 12:0 a.m.7 views

WordPress Plugin SendPulse Free Web Push Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS6.5AI score0.00214EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/16 12:0 a.m.9 views

PT-2023-29478 · Sendpulse · Sendpulse Free Web Push Plugin

Name of the Vulnerable Software and Affected Versions: SendPulse Free Web Push plugin versions = 1.3.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

8.8CVSS8.5AI score0.00214EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/10/06 12:0 a.m.11 views

WordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software SendPulse Free Web Push Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45274 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1b155dd53abb Credits Mika Requir...

8.8CVSS6.6AI score0.00214EPSS
Exploits0References2Affected Software1
Openbugbounty
Openbugbounty
added 2020/11/02 3:17 a.m.17 views

support.sendpulse.com Improper Access Control vulnerability OBB-1475757

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/12/04 8:51 a.m.16 views

sendpulse.com XSS vulnerability

Vulnerable URL: https://sendpulse.com/br/feedback?cid=116%3C!%27/!%22/!%27/%22/--!%3E%3CInput/Type=Text%20AutoFocus%20/;%20OnFocus=confirm%27OpenBugBounty%27%20//%3E%3CSvg%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

6.3AI score
Exploits0
Rows per page
Query Builder