Visual Link Preview plugin allows unauthorised AJAX calls with CSRF nonce exposure, enabling authenticated users to access Draft post content, password-protected post titles, and upload images from URLs
Reporter | Title | Published | Views | Family All 5 |
---|---|---|---|---|
Prion | Cross site request forgery (csrf) | 20 Sep 202110:15 | – | prion |
NVD | CVE-2021-24635 | 20 Sep 202110:15 | – | nvd |
wpexploit | Visual Link Preview < 2.2.3 - Unauthorised AJAX Calls | 18 Aug 202100:00 | – | wpexploit |
CVE | CVE-2021-24635 | 20 Sep 202110:15 | – | cve |
Cvelist | CVE-2021-24635 Visual Link Preview < 2.2.3 - Unauthorised AJAX Calls | 20 Sep 202110:06 | – | cvelist |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo