CVE-2024-35554 - Exploiting CSRF in idccms v1.35's NewsWeb Delete Endpoint
Summary:
In June 2024, a Cross-Site Request Forgery (CSRF) vulnerability was found in idccms v1.35. Bad actors can exploit it to make unwanted changes
CVE-2023-44478 - How a CSRF Vulnerability in WP Hive Events Rich Snippets for Google Allows Attackers to Exploit Trusted Credentials
Discovered in 2023, CVE-2023-44478 shocked website owners who used the WP Hive “Events Rich Snippets for Google” WordPress plugin. This cross-site request forgery (CSRF) vulnerability
CVE-2024-4597 - Exploiting GitLab EE SAML CSRF to Force Merge Request Approval
GitLab EE (Enterprise Edition) is well-known in the DevOps world, powering workflows and helping teams ship software faster. But with great popularity comes scrutiny—and
CVE-2024-2756 - How Incomplete Fixes Lead to Cookie Confusion in PHP (With Exploit Details)
Sometimes, old vulnerabilities don’t stay buried. CVE-2024-2756 is a perfect example: it comes about because an earlier fix for CVE-2022-31629 wasn’t complete. This
CVE-2023-51484 - Breaking Down the Login as User or Customer (User Switching) WordPress Plugin Vulnerability
On modern content management systems like WordPress, plugins are vital for site functionality and customization. But when plugins have security issues, your site and data