Esterox

Business Card

5 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2024-5807

Exploit
  • EPSS 0.67%
  • Veröffentlicht 30.07.2024 06:15:02
  • Zuletzt bearbeitet 28.05.2025 00:50:36

The Business Card WordPress plugin through 1.0.0 does not prevent high privilege users like administrators from uploading malicious PHP files, which could allow them to run arbitrary code on servers hosting their site, even in MultiSite configuration...

7.1

CVE-2024-4531

Exploit
  • EPSS 0.17%
  • Veröffentlicht 27.05.2024 06:15:10
  • Zuletzt bearbeitet 01.05.2025 14:09:20

The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing cards via CSRF attacks

6.4

CVE-2024-4532

Exploit
  • EPSS 0.09%
  • Veröffentlicht 27.05.2024 06:15:10
  • Zuletzt bearbeitet 01.05.2025 14:06:38

The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as deleting cards via CSRF attacks

5

CVE-2024-4529

Exploit
  • EPSS 0.11%
  • Veröffentlicht 27.05.2024 06:15:09
  • Zuletzt bearbeitet 01.05.2025 14:13:21

The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as deleting card categories via CSRF attacks

6.3

CVE-2024-4530

Exploit
  • EPSS 0.11%
  • Veröffentlicht 27.05.2024 06:15:09
  • Zuletzt bearbeitet 01.05.2025 14:10:42

The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing card categories via CSRF attacks