Similarity Security Vulnerabilities and Issues — Similarity CVE List

Lucene search

DavidjmillerSimilarity

2 matches found

CVE•added 2024/06/14 6:15 a.m.•43 views

CVE-2024-3971

The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack

5.4CVSS4.8AI score0.00145EPSS

CVE•added 2024/06/14 6:15 a.m.•37 views

CVE-2024-3972

The Similarity WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack

5.7CVSS4.7AI score0.0005EPSS