CVE-2023-5352

The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpaseditreply function, allowing users to edit posts for which they do not have permission...

CVE-2024-13518 Simple:Press <= 6.10.12 - Cross-Site Request Forgery to Unauthorized Post Editing

The Simple:Press Forum plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.10.12. This is due to missing or incorrect nonce validation on the 'spsaveeditedpost' function. This makes it possible for unauthenticated attackers to modify a forum po...

CVE-2024-13518 Simple:Press <= 6.10.12 - Cross-Site Request Forgery to Unauthorized Post Editing

The Simple:Press Forum plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.10.12. This is due to missing or incorrect nonce validation on the 'spsaveeditedpost' function. This makes it possible for unauthenticated attackers to modify a forum po...

WordPress Simple:Press plugin <= 6.10.11 - Cross-Site Request Forgery to Unauthorized Post Editing vulnerability

Cross-Site Request Forgery to Unauthorized Post Editing vulnerability discovered by 20kilograma in WordPress Plugin Simple:Press versions = 6.10.12...

CVE-2023-5352 Awesome Support < 6.1.5 - Insufficient permission check in wpas_edit_reply

The Awesome Support WordPress plugin before 6.1.5 does not correctly authorize the wpaseditreply function, allowing users to edit posts for which they do not have permission...