CVE-2023-47792 - How a CSRF Flaw in Big File Uploads Plugin Could Let Attackers Change Your WordPress Settings
If you use WordPress to run your website, you probably know how hard it can be to upload large files. That’s where plugins like
CVE-2023-5382 - How a Simple CSRF Bug Could Let Attackers Delete Your WordPress Posts via Funnelforms Free
---
Summary:
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered in the popular Funnelforms Free WordPress plugin, affecting versions up to and including 3.
CVE-2023-5383 - Exploiting WordPress Funnelforms Free Plugin CSRF Vulnerability (Versions ≤ 3.4)
---
Published: June 2024
Affected Plugin: Funnelforms Free (≤ 3.4)
Vulnerability: Cross-Site Request Forgery (CSRF)
CVE: CVE-2023-5383
Severity: Medium
Impact: Unauthorized copying of
CVE-2023-5096 - Stored XSS in WordPress “HTML filter and csv-file search” Plugin – How it Works and Exploit Example
If you’re running the popular HTML filter and csv-file search WordPress plugin (csvfilter-search), version 2.7 or lower, your site is vulnerable
CVE-2023-2440 - Critical Vulnerability in UserPro Plugin for WordPress: Cross-Site Request Forgery Leading to Privilege Escalation
The popular UserPro plugin for WordPress is facing a critical vulnerability due to Cross-Site Request Forgery (CSRF) in versions up to, and including, 5.
Episode
00:00:00
00:00:00