Lucene search
WpvulndbWPVDB-ID:559DB0A5-E5FF-4C43-82E7-DA7BB22EC1D6HistoryDec 08, 2023 - 12:00 a.m.
teachPress < 9.0.5 - Cross-Site Request Forgery
2023-12-0800:00:00
wpscan.com
15
teachpress
wordpress
cross-site request forgery
Description The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.4. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to invoke those functions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVE-2023-52129 may be a duplicate of this issue.
Related
nvd
nvd
CVE-2023-52129
2024-01-05 09:15:09
CVE-2023-48755
2023-12-18 16:15:10
prion
prion
Cross site request forgery (csrf)
2024-01-05 09:15:00
Cross site request forgery (csrf)
2023-12-18 16:15:00
cvelist
cvelist
cve
cve
CVE-2023-52129
2024-01-05 09:15:09
CVE-2023-48755
2023-12-18 16:15:10
wordfence
wordfence
AI Score
8.7
Confidence
High
EPSS
0.001
Percentile
24.1%
Related for WPVDB-ID:559DB0A5-E5FF-4C43-82E7-DA7BB22EC1D6