Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2024-35684
- EPSS 0.12%
- Published 08.06.2024 15:15:50
- Last modified 21.11.2024 09:20:39
Cross-Site Request Forgery (CSRF) vulnerability in 10up ElasticPress.This issue affects ElasticPress: from n/a through 5.1.1.
5.3
CVE-2023-48753
- EPSS 0.11%
- Published 04.06.2024 11:15:50
- Last modified 21.11.2024 08:32:22
Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through 7.4.1.
4.3
CVE-2021-4405
- EPSS 0.13%
- Published 01.07.2023 06:15:10
- Last modified 21.11.2024 06:37:37
The ElasticPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.3. This is due to missing or incorrect nonce validation on the epio_send_autosuggest_allowed() function. This makes it possible fo...
1