106 matches found
CVE-2023-47782 WordPress Thrive Theme Builder theme < 3.24.0 - Authenticated Privilege Escalation vulnerability
Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...
CVE-2023-47782 WordPress Thrive Theme Builder theme < 3.24.0 - Authenticated Privilege Escalation vulnerability
Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...
CVE-2023-51531
Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...
CVE-2023-51531
Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...
CVE-2023-51531 WordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...
CVE-2023-51531 WordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...
CVE-2023-51531
Technical details about CVE-2023-51531 (CSRF in Thrive Automator) are not provided in the connected documents. Available sources confirm Thrive Automator affects versions up to 1.17, but do not disclose exploitation vectors, root cause specifics, or mitigations. Monitor for updates.
WordPress Plugin Thrive Automator Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2024-14184 · Thrive Themes · Thrive Automator
Name of the Vulnerable Software and Affected Versions: Thrive Automator versions 1.17 and earlier Description: A Cross-Site Request Forgery CSRF issue affects Thrive Automator, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendations: For Thrive...
WordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF)
Software Thrive Automator Type Plugin Vulnerable versions = 1.17 Fixed in 1.17.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51531 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 2f7174a74dd1 Credits Brandon Roldan...
Thrive Theme Builder < 3.24.2 - Cross-Site Request Forgery
Description The theme does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
Thrive Theme Builder < 3.24.0 - Missing Authorization
Description The theme is vulnerable to unauthorized use of functionality due to missing capability check in one of its functions. This makes it possible for authenticated attackers, with subscriber-level access and above, to invoke this function intended for higher-privileged users. The exact...
Thrive Theme Builder < 3.24.0 - Subscriber+ Privilege Escalation
Description The them is vulnerable to privilege escalation, allowing any authenticated users, such as subscribers to elevate their privileges...
CVE-2023-47781
Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Theme Builder 3.24.2 versions...
CVE-2023-47781
Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Theme Builder 3.24.2 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Theme Builder 3.24.2 versions...
CVE-2023-47781 WordPress Thrive Theme Builder Theme < 3.24.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Theme Builder 3.24.2 versions...
CVE-2023-47781
Thrive Theme Builder (WordPress) before version 3.24.2 is vulnerable to Cross-Site Request Forgery (CSRF). Root cause: missing CSRF checks in the affected theme builder, enabling unauthorized actions by forged requests from logged-in users. Impact per CVSS: high (8.8/10), affecting confidentialit...
PT-2023-30604 · Unknown · Thrive Theme Builder
Name of the Vulnerable Software and Affected Versions: Thrive Theme Builder versions prior to 3.24.2 Description: A Cross-Site Request Forgery CSRF issue exists, which is a type of attack that tricks a user into performing unintended actions on a web application. Recommendations: For versions pri...