WordPress MBE eShip Plugin <= 2.1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software MBE eShip Type Plugin Vulnerable versions = 2.1.2 Fixed in 2.2.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-38729 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 4adf7a356e66 Credits Joshua Chan Required...

WordPress MBE eShip Plugin <= 2.1.2 is vulnerable to Sensitive Data Exposure

Software MBE eShip Type Plugin Vulnerable versions = 2.1.2 Fixed in 2.2.1 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-38742 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID df94a639a0f7 Credits Joshua Chan...

WordPress MBE eShip Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software MBE eShip Type Plugin Vulnerable versions = 2.2.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37953 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29e677285ea0 Credits Dimas Maulana Required privilege...