CVE-2023-0958
CVE-2023-0958 affects WordPress plugins developed by Inisev that expose an inisev_installation AJAX action. The root cause is a missing capability check in the handle_installation function, enabling an authenticated attacker with minimal privileges (e.g., a subscriber) to install select Inisev pl...
CVE-2023-3977
CVE-2023-3977 describes a Cross‑Site Request Forgery (CSRF) in multiple Inisev WordPress plugins, due to a missing nonce on the handle_installation function invoked by inisev_installation via AJAX. This enables unauthenticated attackers to trigger installation of plugins from a limited list if a ...