RSS   Vulnerabilities for 'Wp125'   RSS

2022-01-24
 
CVE-2021-25073

CWE-352
 

 
The WP125 WordPress plugin before 1.5.5 does not have CSRF checks in various action, for example when deleting an ad, allowing attackers to make a logged in admin delete them via a CSRF attack

 
2014-05-14
 
CVE-2013-2700

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors.

 

 >>> Vendor: Webmaster-source 2 Products
Wp125
Gocodes


Copyright 2024, cxsecurity.com

 

Back to Top