WordPress WP Prayer plugin <= 2.0.9 - Arbitrary Prayer Deletion via CSRF vulnerability

Arbitrary Prayer Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin WP Prayer versions = 2.0.9...

EUVD-2023-29615

Malicious code in bioql PyPI...

CVE-2024-3407

The WP Prayer WordPress plugin through 2.0.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVE-2024-3405

The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-4480

The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-4480

The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-4751

CVE-2024-4751 relates to the WP Prayer II WordPress plugin (

CVE-2024-4751 WP Prayer II <= 2.4.7 - Settings Update via CSRF

The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-4751 WP Prayer II <= 2.4.7 - Settings Update via CSRF

The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-4480

CVE-2024-4480 concerns the WP Prayer II WordPress plugin (

CVE-2024-4480 WP Prayer II <= 2.4.7 - Email Settings Update via CSRF

The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

WordPress WP Prayer plugin <= 2.0.9 - Multiple CSRF vulnerability

Multiple CSRF vulnerability discovered by Bob Matyas in WordPress Plugin WP Prayer versions = 2.0.9...

CVE-2024-3407

The WP Prayer WordPress plugin through 2.0.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVE-2024-3405

The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-3406 WP Prayer <= 2.0.9 - Email Settings Update via CSRF

The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-3405 WP Prayer <= 2.0.9 - Settings Update via CSRF

The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

WordPress plugin WP Prayer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin WP Prayer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-25680 · WordPress · Wp Prayer

Name of the Vulnerable Software and Affected Versions: WP Prayer WordPress plugin versions 2.0.9 and earlier Description: The issue concerns the lack of CSRF checks in certain areas, potentially allowing attackers to trick logged-in users into performing unintended actions through CSRF attacks...

PT-2024-25672

Name of the Vulnerable Software and Affected Versions WP Prayer WordPress plugin versions 2.0.9 and earlier Description The issue concerns a lack of CSRF check when updating email settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. This could potentially...