5 matches found
CVE-2021-4411 WP EasyPay – Square for WordPress <= 3.2.0 - Cross-Site Request Forgery Bypass
The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the wpepdownloadtransactioninexcel function. This makes it possible for unauthenticated attackers...
CVE-2021-4411 WP EasyPay – Square for WordPress <= 3.2.0 - Cross-Site Request Forgery Bypass
The WP EasyPay – Square for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the wpepdownloadtransactioninexcel function. This makes it possible for unauthenticated attackers...
CVE-2021-4411
CVE-2021-4411 involves the WP EasyPay – Square for WordPress plugin for WordPress, with a Cross-Site Request Forgery flaw up to version 3.2.0 caused by missing or incorrect nonce validation in the wpep_download_transaction_in_excel() function. This allows unauthenticated attackers to trigger a tr...
CVE-2022-47177
Cross-Site Request Forgery CSRF vulnerability in WP Easy Pay WP EasyPay – Square for WordPress plugin = 4.1 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in WP Easy Pay WP EasyPay – Square for WordPress plugin = 4.1 versions...