Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:F03156D3-0B6A-4FA6-A2B0-7218F3BA40A4
HistoryJul 11, 2019 - 12:00 a.m.

One Click SSL <= 1.4.6 - Multiple Issues

2019-07-1100:00:00
wpscan.com
6

0.002 Low

EPSS

Percentile

51.5%

JSON

Lack of CSRF and authorisation checks in the settings page, as well as AJAX methods such as ajax_enable_ssl(), ajax_scan() and so on could allow unauthorised settings change as well as call of the AJAX methods by a low privileged user. Additionally, it could also allow arbitrary site options update due to the way the update_option() and update_site_option() are used in the admin() and admin_network() functions.

PoC

CPENameOperatorVersion
one-click-ssllt1.4.7

Related

wpexploit 1
cve 1
openvas 1
cvelist 1
nvd 1
prion 1
wpexploit
wpexploit
One Click SSL <= 1.4.6 - Multiple Issues
2019-07-11 00:00:00
cve
cve
CVE-2019-15828
2019-08-30 14:15:10
openvas
openvas
WordPress One Click SSL Plugin < 1.4.7 CSRF Vulnerability
2019-09-05 00:00:00
cvelist
cvelist
CVE-2019-15828
2019-08-30 13:10:10
nvd
nvd
CVE-2019-15828
2019-08-30 14:15:10
prion
prion
Cross site request forgery (csrf)
2019-08-30 14:15:00

0.002 Low

EPSS

Percentile

51.5%

JSON
Related for WPVDB-ID:F03156D3-0B6A-4FA6-A2B0-7218F3BA40A4
wpexploit1cve1openvas1cvelist1nvd1prion1