CSRF vulnerability
Custom Twitter Feeds Vulnerability – A Tweets Widget or X Feed Widget – Cross-Site Request Forgery to Plugin Options Update – CVE-2024-0379 | WordPress Plugin Vulnerability Report
Plugin Name: Custom Twitter Feeds – A Tweets Widget or X Feed Widget Key Information: Software Type: Plugin Software Slug: custom-twitter-feeds Software Status: Active Software Author: smashballoon Software Downloads: 2,300,603 Active Installs: 100,000 Last Updated: February 13, 2024 Patched Versions: 2.2.2 Affected Versions: <= 2.2.1 Vulnerability Details: Name: Custom Twitter Feeds <= 2.2.1 Title: Cross-Site…
Read More
Paid Memberships Pro Vulnerability – Cross-Site Request Forgery to Level Orders Update – CVE-2024-0624 | WordPress Plugin Vulnerability Report
Plugin Name: Paid Memberships Pro Key Information: Software Type: Plugin Software Slug: paid-memberships-pro Software Status: Active Software Author: strangerstudios Software Downloads: 5,532,954 Active Installs: 90,000 Last Updated: January 24, 2024 Patched Versions: 2.12.8 Affected Versions: <= 2.12.7 Vulnerability Details: Name: Paid Memberships Pro <= 2.12.7 – Cross-Site Request Forgery to Level Orders Update Type: Cross-Site Request Forgery (CSRF) CVE: CVE-2024-0624 CVSS Score: 5.3 (Medium) Publicly Published: January 24, 2024…
Read More
Newsletter Vulnerability– Send Awesome Emails from WordPress – Cross-Site Request Forgery |WordPress Plugin Vulnerability Report
Plugin Name: Newsletter – Send Awesome Emails from WordPress Key Information: Software Type: Plugin Software Slug: newsletter Software Status: Active Software Author: satollo Software Downloads: 23,000,399 Active Installs: 300,000 Last Updated: January 10, 2024 Patched Versions: 8.0.7 Affected Versions: <= 8.0.6 Vulnerability Details: Name: Newsletter <= 8.0.6 Title: Cross-Site Request Forgery (CSRF) Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N CVE:…
Read More
WordPress Plugin Vulnerability Report – Abandoned Cart Lite for WooCommerce – Cross-Site Request Forgery
Plugin Name: Abandoned Cart Lite for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-abandoned-cart Software Status: Active Software Author: tychesoftwares Software Downloads: 1,004,642 Active Installs: 30,000 Last Updated: December 1, 2023 Patched Versions: 5.16.2 Affected Versions: <= 5.16.1 Vulnerability Details: Name: Abandoned Cart Lite for WooCommerce <= 5.16.1 – Cross-Site Request Forgery Title: Cross-Site Request Forgery Type: Cross-Site Request Forgery (CSRF) CVSS Score: 5.3 (Medium) Publicly Published: December…
Read More