RSS   Podatności dla 'Wp125'   RSS

2022-01-24
 
CVE-2021-25073

CWE-352
 
 
The WP125 WordPress plugin before 1.5.5 does not have CSRF checks in various action, for example when deleting an ad, allowing attackers to make a logged in admin delete them via a CSRF attack

 
2014-05-14
 
CVE-2013-2700

CWE-352
 
 
Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors.

 

 >>> Vendor: Webmaster-source 2 Produkty
Wp125
Gocodes

Copyright 2024, cxsecurity.com

 

Back to Top