6 matches found
EUVD-2023-40636
Malicious code in bioql PyPI...
CVE-2023-36693
Cross-Site Request Forgery CSRF vulnerability in Alain Gonzalez WP RSS Images plugin = 1.1 versions...
CVE-2023-36693
Cross-Site Request Forgery CSRF vulnerability in Alain Gonzalez WP RSS Images plugin = 1.1 versions...
CVE-2023-36693
Cross-Site Request Forgery CSRF vulnerability in Alain Gonzalez WP RSS Images plugin = 1.1 versions...
CVE-2023-36693
CVE-2023-36693 describes a CSRF vulnerability in the WordPress plugin WP RSS Images, version <= 1.1. The root cause noted in Patchstack is insufficient nonce verification, enabling unauthenticated CSRF. Public references confirm the vulnerability affects unauthenticated users and can enable CS...
WordPress WP RSS Images Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP RSS Images Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-36693 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b8ffa72740fa Credits LEE SE HYOUNG...